CVE-1999-1402

Solaris/SunOS <4.4 - Local Privilege Escalation

Title source: llm

Description

The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that socket.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Thamer Al-Herbish · clocalfreebsd

https://www.exploit-db.com/exploits/19346

View Code ZIP pw:eip

References (4)

[Third Party Advisory] http://www.iss.net/security_center/static/7172.php

[Exploit, Patch, Vendor Advisory] http://www.securityfocus.com/bid/456

[Mailing List] http://marc.info/?l=bugtraq&m=87602248718482&w=2

[Mailing List] http://marc.info/?l=bugtraq&m=87602167418317&w=2

Scores

EPSS 0.0027

EPSS Percentile 50.3%

Details

Status published

Products (16)

freebsd/freebsd 2.2.2

freebsd/freebsd 2.2.3

freebsd/freebsd 2.2.4

freebsd/freebsd 2.2.5

freebsd/freebsd 2.2.6

freebsd/freebsd 2.2.8

freebsd/freebsd 3.0

freebsd/freebsd 3.1

sun/solaris 2.5

sun/solaris 2.5.1 (2 CPE variants)

... and 6 more

Published May 17, 1997

Tracked Since Feb 18, 2026