CVE Catalog
CVE-1999-1423
LowExploitation Probability (EPSS)
Elevated risk0.92%
56th percentile — higher than 56% of all known CVEs
Summary
In Solaris 2.3 through 2.6, the ping command allows local users to cause a system crash by sending a ping request to a multicast address through the loopback interface.
Risk Assessment
This vulnerability can lead to denial of service, affecting system availability for other users.
Recommendation
It is recommended to restrict access to the ping command or upgrade the system to a newer version to mitigate the risk.
Original NVD description (English source)
ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service (crash) via a ping request to a multicast address through the loopback interface, e.g. via ping -i.

