CVE-1999-1021

NFS on SunOS 4.1 through 4.1.2 ignores the high order 16 bits in a 32 bit UID, which allows a local user to gain root access if the lower 16 bits are set to 0, as fixed by the NFS jumbo patch upgrade.

Score7.2
Access VectorLOCAL
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactCOMPLETE
Integrity ImpactCOMPLETE
Availability ImpactCOMPLETE
Published1992-12-30 12:00:00.000-05
Last Modified2017-10-09 09:29:01.000-04

Vulnerable Software List

VendorProductVersions
Sun Sunos 4.1, 4.1.1, 4.1.2

References

SourceLink
SUN00117
CERTCA-1992-15
BID47
XFnfs-uid(82)