CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 2CVE-1999-1413 – Solaris 7.0 - 'Coredump' File Write
https://notcve.org/view.php?id=CVE-1999-1413
Solaris 2.4 before kernel jumbo patch -35 allows set-gid programs to dump core even if the real user id is not in the set-gid group, which allows local users to overwrite or create files at higher privileges by causing a core dump, e.g. through dmesg. • https://www.exploit-db.com/exploits/19236 http://marc.info/?l=bugtraq&m=87602167419549&w=2 http://www.securityfocus.com/bid/296 •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-1999-0136
https://notcve.org/view.php?id=CVE-1999-0136
Kodak Color Management System (KCMS) on Solaris allows a local user to write to arbitrary files and gain root access. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0136 •
CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 0CVE-1999-0135
https://notcve.org/view.php?id=CVE-1999-0135
admintool in Solaris allows a local user to write to arbitrary files and gain root access. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0135 •
CVSS: 7.2EPSS: 0%CPEs: 28EXPL: 1CVE-1999-0023 – BSDI BSD/OS 2.1 / FreeBSD 2.1 / IBM AIX 4.2 / SGI IRIX 6.4 / Sun SunOS 4.1.3 - Buffer Overrun
https://notcve.org/view.php?id=CVE-1999-0023
Local user gains root privileges via buffer overflow in rdist, via lookup() function. • https://www.exploit-db.com/exploits/19106 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0023 •
CVSS: 7.8EPSS: 0%CPEs: 39EXPL: 0CVE-1999-0022
https://notcve.org/view.php?id=CVE-1999-0022
Local user gains root privileges via buffer overflow in rdist, via expstr() function. • http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/179 • CWE-125: Out-of-bounds Read •