CVE Catalog

CVE-1999-1423

Low
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Elevated risk
0.92%

56th percentile — higher than 56% of all known CVEs

Summary

In Solaris 2.3 through 2.6, the ping command allows local users to cause a system crash by sending a ping request to a multicast address through the loopback interface.

Risk Assessment

This vulnerability can lead to denial of service, affecting system availability for other users.

Recommendation

It is recommended to restrict access to the ping command or upgrade the system to a newer version to mitigate the risk.

Original NVD description (English source)

ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service (crash) via a ping request to a multicast address through the loopback interface, e.g. via ping -i.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS