Description
NFS on SunOS 4.1 through 4.1.2 ignores the high order 16 bits in a 32 bit UID, which allows a local user to gain root access if the lower 16 bits are set to 0, as fixed by the NFS jumbo patch upgrade.
References (4)
Core 4
Core References
Patch, Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert
http://www.cert.org/advisories/CA-1992-15.html
Patch vendor-advisory
x_refsource_sun
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/117&type=0&nav=sec.sba
Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/47
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/82
Scores
EPSS
0.0062
EPSS Percentile
70.3%
Details
Status
published
Products (3)
sun/sunos
4.1
sun/sunos
4.1.1
sun/sunos
4.1.2
Published
Dec 30, 1992
Tracked Since
Feb 18, 2026