CVE Catalog

CVE-1999-1587

Low
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Elevated risk
0.95%

56th percentile — higher than 56% of all known CVEs

Summary

In Sun Microsystems Solaris 8 and 9, and certain earlier releases, the /usr/ucb/ps command allows local users to view the environment variables and values of arbitrary processes via the -e option.

Risk Assessment

The ability to disclose environment variables may lead to leakage of sensitive information, posing a security risk to the system.

Recommendation

It is recommended to restrict access to the /usr/ucb/ps command or implement appropriate safeguards to minimize the risk of information disclosure.

Original NVD description (English source)

/usr/ucb/ps in Sun Microsystems Solaris 8 and 9, and certain earlier releases, allows local users to view the environment variables and values of arbitrary processes via the -e option.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS