CVE-1999-1080

Sažetak

rmmount in SunOS 5.7 may mount file systems without the nosuid flag set, contrary to the documentation and its use in previous versions of SunOS, which could allow local users with physical access to gain root privileges by mounting a floppy or CD-ROM that contains a setuid program and running volcheck, when the file systems do not have the nosuid option specified in rmmount.conf.

Reference

http://marc.info/?l=bugtraq&m=92633694100270&w=2
http://marc.info/?l=bugtraq&m=93971288323395&w=2
http://www.securityfocus.com/bid/250
https://exchange.xforce.ibmcloud.com/vulnerabilities/8350

CVSS

Base:	7.2
Impact:	10.0
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

03-05-2018 - 01:29

Objavljeno

10-05-1995 - 04:00