Description
cmdtool in OpenWindows 3.0 and XView 3.0 in SunOS 4.1.4 and earlier allows attackers with physical access to the system to display unechoed characters (such as those from password prompts) via the L2/AGAIN key.
References (2)
Core 2
Core References
Patch issue-tracking
x_refsource_sunbug
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fpatches%2F100452&zone_32=10045%2A%20
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/7482
Scores
EPSS
0.0013
EPSS Percentile
31.9%
Details
Status
published
Products (6)
sun/sunos
sun/sunos
4.1
sun/sunos
4.1.1
sun/sunos
4.1.2
sun/sunos
4.1.3
sun/sunos
4.1.4
Published
Jul 15, 1998
Tracked Since
Feb 18, 2026