PT-1998-1196 · Sun · Xview+2
Published
1998-07-15
·
Updated
2018-10-30
·
CVE-1999-1297
CVSS v2.0
2.1
Low
| Vector | AV:L/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
OpenWindows versions 3.0
XView versions 3.0 in SunOS versions 4.1.4 and earlier
Description
The issue allows attackers with physical access to the system to display unechoed characters, such as those from password prompts, via the L2/AGAIN key.
Recommendations
For OpenWindows version 3.0, restrict physical access to the system to minimize the risk of exploitation.
For XView version 3.0 in SunOS versions 4.1.4 and earlier, consider disabling the use of the L2/AGAIN key as a temporary workaround until a fix is available.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Openwindows
Sunos
Xview