CyberSec.Space Logo
Back to CVE Browser

CVE-1999-1584

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0530%
EPSS Percentile3.04th
PublishedDec 31, 1999
Last ModifiedApr 16, 2026

Vulnerability Description

Unknown vulnerability in (1) loadmodule, and (2) modload if modload is installed with setuid/setgid privileges, in SunOS 4.1.1 through 4.1.3c, and Open Windows 3.0, allows local users to gain root privileges via environment variables, a different vulnerability than CVE-1999-1586.

Affected Platforms (CPE)

πŸ“¦
Sun

Openwindows

= 3.0
πŸ’»
Sun

Sunos

= 4.1.1
πŸ’»
Sun

Sunos

= 4.1.2
πŸ’»
Sun

Sunos

= 4.1.3
πŸ’»
Sun

Sunos

= 4.1.3c

References & Advisories

πŸ”— http://sunsolve.sun.com/search/document.do?assetkey=1-22-00124-1
πŸ”— http://www.cert.org/advisories/CA-1993-18.html
πŸ”— http://sunsolve.sun.com/search/document.do?assetkey=1-22-00124-1
πŸ”— http://www.cert.org/advisories/CA-1993-18.html

Related Vulnerabilities

CVE-1999-03697.2

The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access.

CVE-2002-15885.0

Mailtool for OpenWindows 3.6, 3.6.1, and 3.6.2 allows remote attackers to cause a denial of service (mailtool segmentation violati...

CVE-1999-12972.1

cmdtool in OpenWindows 3.0 and XView 3.0 in SunOS 4.1.4 and earlier allows attackers with physical access to the system to display...

CVE-1999-039710.0

The demo version of the Quakenbush NT Password Appraiser sends passwords across the network in plaintext.