CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 2CVE-1999-1413 – Solaris 7.0 - 'Coredump' File Write
https://notcve.org/view.php?id=CVE-1999-1413
Solaris 2.4 before kernel jumbo patch -35 allows set-gid programs to dump core even if the real user id is not in the set-gid group, which allows local users to overwrite or create files at higher privileges by causing a core dump, e.g. through dmesg. • https://www.exploit-db.com/exploits/19236 http://marc.info/?l=bugtraq&m=87602167419549&w=2 http://www.securityfocus.com/bid/296 •
CVSS: 7.2EPSS: 0%CPEs: 28EXPL: 1CVE-1999-0023 – BSDI BSD/OS 2.1 / FreeBSD 2.1 / IBM AIX 4.2 / SGI IRIX 6.4 / Sun SunOS 4.1.3 - Buffer Overrun
https://notcve.org/view.php?id=CVE-1999-0023
Local user gains root privileges via buffer overflow in rdist, via lookup() function. • https://www.exploit-db.com/exploits/19106 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0023 •
CVSS: 7.8EPSS: 0%CPEs: 39EXPL: 0CVE-1999-0022
https://notcve.org/view.php?id=CVE-1999-0022
Local user gains root privileges via buffer overflow in rdist, via expstr() function. • http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/179 • CWE-125: Out-of-bounds Read •
CVSS: 5.0EPSS: 0%CPEs: 20EXPL: 0CVE-1999-0019
https://notcve.org/view.php?id=CVE-1999-0019
Delete or create a file via rpc.statd, due to invalid information. • http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/135 •
CVSS: 1.9EPSS: 0%CPEs: 17EXPL: 0CVE-1999-0078
https://notcve.org/view.php?id=CVE-1999-0078
pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0078 •