CVE-1999-1424

Description

Solaris Solstice AdminSuite (AdminSuite) 2.1 uses unsafe permissions when adding new users to the NIS+ password table, which allows local users to gain root access by modifying their password table entries.

Affected products

• sun / solstice_adminsuite2.1 – 2.1
• sun / solstice_adminsuite2.1 – 2.1
• sun / solstice_adminsuite2.2 – 2.2
• sun / solstice_adminsuite2.2 – 2.2

References

• MISChttp://www.securityfocus.com/bid/208
• MISChttp://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/145