[原文]** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-1584, CVE-1999-1586. Reason: This candidate combined references from one issue with the description from another issue. Notes: Users should consult CVE-1999-1584 and CVE-1999-1586 to obtain the appropriate name. All references and descriptions in this candidate have been removed to prevent accidental usage.
SunOS version 4.1.x contains a flaw in loadmodule that may allow a malicious local user to gain unauthorized root privileges. The issue is due to the way the loadmodule program fails to sanitize the path environment variable. This flaw may lead to a loss of Confidentiality and Integrity.
Currently, there are no known workarounds or upgrades to correct this issue. However, Sun Microsystems has released a patch to address this vulnerability.