CVSS: 10.0EPSS: 1%CPEs: 6EXPL: 1CVE-1999-0210 – Solaris 2.5.1 - 'automount' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-1999-0210
Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters. • https://www.exploit-db.com/exploits/19199 http://marc.info/?l=bugtraq&m=88053459921223&w=2 http://marc.info/?l=bugtraq&m=91547759121289&w=2 http://www.cert.org/advisories/CA-99-05-statd-automountd.html http://www.securityfocus.com/bid/235 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9910-104 •
CVSS: 10.0EPSS: 6%CPEs: 40EXPL: 0CVE-1999-0097
https://notcve.org/view.php?id=CVE-1999-0097
The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character). • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0097 •
CVSS: 7.5EPSS: 3%CPEs: 7EXPL: 0CVE-1999-0300
https://notcve.org/view.php?id=CVE-1999-0300
nis_cachemgr for Solaris NIS+ allows attackers to add malicious NIS+ servers. • http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/155 •
CVSS: 7.2EPSS: 0%CPEs: 8EXPL: 0CVE-1999-0295
https://notcve.org/view.php?id=CVE-1999-0295
Solaris sysdef command allows local users to read kernel memory, potentially leading to root privileges. • http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/157 •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-1999-0185
https://notcve.org/view.php?id=CVE-1999-0185
In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server, allowing remote command execution. • http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/156 •