CVE Catalog

CVE-1999-0860

Low
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.64%

46th percentile — higher than 46% of all known CVEs

Summary

Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack.

Risk Assessment

An attacker may gain access to sensitive system files, potentially leading to further attacks or compromise of system integrity.

Recommendation

It is recommended to restrict access to the VMSYS environmental variable and to monitor and secure the system against symlink attacks.

Original NVD description (English source)

Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS