CVE Catalog

CVE-1999-1297

Low
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.35%

26th percentile — higher than 26% of all known CVEs

Summary

cmdtool in OpenWindows 3.0 and XView 3.0 in SunOS 4.1.4 and earlier allows attackers with physical access to the system to display unechoed characters (such as those from password prompts) via the L2/AGAIN key.

Risk Assessment

Attackers can gain access to sensitive information, such as passwords, which may lead to unauthorized access to the system.

Recommendation

It is recommended to upgrade the system to a newer version to mitigate this vulnerability and to restrict physical access to servers.

Original NVD description (English source)

cmdtool in OpenWindows 3.0 and XView 3.0 in SunOS 4.1.4 and earlier allows attackers with physical access to the system to display unechoed characters (such as those from password prompts) via the L2/AGAIN key.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS