CVE-1999-1080

Published May 10, 1995

Last updated 7 years ago

Overview

Description: rmmount in SunOS 5.7 may mount file systems without the nosuid flag set, contrary to the documentation and its use in previous versions of SunOS, which could allow local users with physical access to gain root privileges by mounting a floppy or CD-ROM that contains a setuid program and running volcheck, when the file systems do not have the nosuid option specified in rmmount.conf.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.2
Impact score: 10
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References