Description
Power management (Powermanagement) on Solaris 2.4 through 2.6 does not start the xlock process until after the sys-suspend has completed, which allows an attacker with physical access to input characters to the last active application from the keyboard for a short period after the system is restoring, which could lead to increased privileges.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Ralf Lehmann · textlocalsolaris
https://www.exploit-db.com/exploits/19126
References (2)
Core 2
Core References
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=90221104525997&w=2
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/160
Scores
EPSS
0.0644
EPSS Percentile
91.2%
Details
Status
published
Products (8)
sun/solaris
2.4
sun/solaris
2.5
sun/solaris
2.5.1 (2 CPE variants)
sun/solaris
2.6
sun/sunos
sun/sunos
5.4
sun/sunos
5.5
sun/sunos
5.5.1
Published
Jul 16, 1998
Tracked Since
Feb 18, 2026