Description
The permissions for the /dev/audio device on Solaris 2.2 and earlier, and SunOS 4.1.x, allow any local user to read from the device, which could be used by an attacker to monitor conversations happening near a machine that has a microphone.
References (4)
Core 4
Core References
Patch, Vendor Advisory vendor-advisory
x_refsource_sun
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/122&type=0&nav=sec.sba
Patch, Vendor Advisory third-party-advisory
government-resource
x_refsource_ciac
http://www.ciac.org/ciac/bulletins/e-01.shtml
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/549
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/6436
Scores
EPSS
0.0020
EPSS Percentile
42.1%
Details
Status
published
Products (4)
sun/solaris
sun/sunos
sun/sunos
4.1
sun/sunos
5.0
Published
Oct 01, 1993
Tracked Since
Feb 18, 2026