SunOS 4.1.2 and earlier allows local users to gain privileges via "LD_*" environmental variables to certain dynamically linked setuid or setgid programs such as (1) login, (2) su, or (3) sendmail, that change the real and effective user ids to the same user.
CVSS Score
7.2
EPSS Score
0.001
Published
1992-05-27
rdist in various UNIX systems uses popen to execute sendmail, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable.
CVSS Score
6.2
EPSS Score
0.001
Published
1991-10-22
The installation of Sun Source (sunsrc) tapes allows local users to gain root privileges via setuid root programs (1) makeinstall or (2) winstall.
CVSS Score
7.2
EPSS Score
0.003
Published
1991-05-20
Vulnerability in in.telnetd in SunOS 4.1.1 and earlier allows local users to gain root privileges.
CVSS Score
7.2
EPSS Score
0.001
Published
1991-03-27
Vulnerability in in.rlogind in SunOS 4.0.3 and 4.0.3c allows local users to gain root privileges.
CVSS Score
7.2
EPSS Score
0.001
Published
1991-03-27
Vulnerability in /bin/mail in SunOS 4.1.1 and earlier allows local users to gain root privileges via certain command line arguments.
CVSS Score
7.2
EPSS Score
0.001
Published
1991-02-22
rpc.pwdauthd in SunOS 4.1.1 and earlier does not properly prevent remote access to the daemon, which allows remote attackers to obtain sensitive system information.
CVSS Score
5.0
EPSS Score
0.008
Published
1991-01-15
The SunView (SunTools) selection_svc facility allows remote users to read files.
CVSS Score
5.0
EPSS Score
0.442
Published
1990-08-14
Vulnerability in SMI Sendmail 4.0 and earlier, on SunOS up to 4.0.3, allows remote attackers to access user bin.
CVSS Score
7.5
EPSS Score
0.007
Published
1990-01-29
Vulnerability in rcp on SunOS 4.0.x allows remote attackers from trusted hosts to execute arbitrary commands as root, possibly related to the configuration of the nobody user.
CVSS Score
10.0
EPSS Score
0.029
Published
1989-10-26