CVE Catalog

CVE-1999-1402

Low
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Elevated risk
0.80%

52th percentile — higher than 52% of all known CVEs

Summary

In Solaris 2.x, SunOS 4.x, and other BSD-based operating systems prior to version 4.4, access permissions for UNIX domain sockets are ignored. This could allow local users to connect to the socket and potentially disrupt or control the operations of the program using that socket.

Risk Assessment

The ignoring of access permissions poses a risk that local users may gain unauthorized access to critical program functions, potentially leading to disruptions in their operation.

Recommendation

It is recommended to update systems to the latest versions that improve socket permission management and to monitor socket access to detect unauthorized connection attempts.

Original NVD description (English source)

The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that socket.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS