PT-1998-1214 · Oracle · Solaris

Published 1998-07-16 · Updated 2018-10-30 · CVE-1999-1432

CVSS v2.0 7.5 High

Vector AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: Solaris versions 2.4 through 2.6
Description: The issue concerns power management on Solaris, where the xlock process does not start until after sys-suspend has completed. This allows an attacker with physical access to send keyboard input to the last active application for a short period after the system resumes, potentially leading to increased privileges.
Recommendations: For Solaris versions 2.4 through 2.6, consider implementing a workaround to start the xlock process immediately after sys-suspend to prevent unauthorized keyboard input. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related identifiers

CVE-1999-1432

Affected products

Solaris