PT-1996-1071 · Oracle · Solaris

Published

1996-08-03

Updated

2018-10-30

CVE-1999-1413

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Solaris versions 2.4 before kernel jumbo patch -35

Description The issue allows set-gid programs to dump core even if the real user id is not in the set-gid group. This enables local users to overwrite or create files at higher privileges by causing a core dump, for example, through the dmesg command.

Recommendations For Solaris version 2.4, apply kernel jumbo patch -35 to resolve the issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-1999-1413

Affected Products

Solaris

PT-1996-1071 · Oracle · Solaris

CVE-1999-1413

Related Identifiers

Affected Products

References · 4