CVE-1999-1587

Name of the Vulnerable Software and Affected Versions Sun Microsystems Solaris versions 8 and 9, and certain earlier releases

Description The issue is related to insufficient protection of sensitive data in the /usr/ucb/ps component of the Solaris operating system. This allows local users to view the environment variables and values of arbitrary processes via the -e option. Exploitation of this issue may enable an attacker to access confidential information.

Recommendations For Sun Microsystems Solaris versions 8 and 9, and certain earlier releases, consider restricting access to the /usr/ucb/ps component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.