Published: 17/05/1997 Updated: 30/10/2018

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 215

Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N

The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems prior to 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that socket.

Vulnerable Product	Search on Vulmon	Subscribe to Product
freebsd freebsd 2.2.5
freebsd freebsd 2.2.6
sun solaris 2.5.1
freebsd freebsd 2.2.3
freebsd freebsd 2.2.4
sun sunos 5.5
sun sunos 5.5.1
freebsd freebsd 2.2.8
freebsd freebsd 3.0
sun solaris 2.5
sun solaris 2.6
freebsd freebsd 2.2.2
freebsd freebsd 3.1
sun sunos 5.0
sun sunos -
sun sunos 4.0

source: wwwsecurityfocuscom/bid/456/info Solaris 26 and many other unices/clones have a serious problem with their unix domain socket implementation that has it's origins in old BSD code Any unix socket created by any application is set mode 4777 In Solaris versions 25 and earlier, the permissions were ignored completely The applica ...

NVD-CWE-Other http://www.securityfocus.com/bid/456 http://www.iss.net/security_center/static/7172.php http://marc.info/?l=bugtraq&m=87602167418317&w=2 http://marc.info/?l=bugtraq&m=87602248718482&w=2 https://nvd.nist.gov https://www.exploit-db.com/exploits/19346/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-1999-1402

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect