CVE-1999-1297
LowExploitation Probability (EPSS)
Low risk26th percentile — higher than 26% of all known CVEs
Summary
cmdtool in OpenWindows 3.0 and XView 3.0 in SunOS 4.1.4 and earlier allows attackers with physical access to the system to display unechoed characters (such as those from password prompts) via the L2/AGAIN key.
Risk Assessment
Attackers can gain access to sensitive information, such as passwords, which may lead to unauthorized access to the system.
Recommendation
It is recommended to upgrade the system to a newer version to mitigate this vulnerability and to restrict physical access to servers.
Original NVD description (English source)
cmdtool in OpenWindows 3.0 and XView 3.0 in SunOS 4.1.4 and earlier allows attackers with physical access to the system to display unechoed characters (such as those from password prompts) via the L2/AGAIN key.

