CVE-1999-1080

high

Description

rmmount in SunOS 5.7 may mount file systems without the nosuid flag set, contrary to the documentation and its use in previous versions of SunOS, which could allow local users with physical access to gain root privileges by mounting a floppy or CD-ROM that contains a setuid program and running volcheck, when the file systems do not have the nosuid option specified in rmmount.conf.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/8350

http://www.securityfocus.com/bid/250

http://marc.info/?l=bugtraq&m=93971288323395&w=2

http://marc.info/?l=bugtraq&m=92633694100270&w=2

Details

Source: Mitre, NVD

Published: 1995-05-10

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00061