CVE-1999-0023: Buffer Overflow
First published: Wed Jul 24 1996(Updated: )
Local user gains root privileges via buffer overflow in rdist, via lookup() function.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| inet | =5.01 | |
| inet | =6.01 | |
| Xinuos OpenServer | =5.0 | |
| SCO Open Desktop | =3.0 | |
| Sun SunOS | =5.3 | |
| Sun SunOS | =4.1.4 | |
| Xinuos OpenServer | =2.0 | |
| IBM AIX | =4.2 | |
| FreeBSD Kernel | =2.0.5 | |
| SCO Open Desktop | =2.0 | |
| Xinuos OpenServer | =5.0.2 | |
| SCO Internet FastStart | =1.0 | |
| Sun SunOS | =5.5 | |
| SCO TCP/IP | =1.2.1 | |
| Xinuos UnixWare | =2.1 | |
| FreeBSD Kernel | =2.2 | |
| FreeBSD Kernel | =2.1.0 | |
| Sun SunOS | =5.4 | |
| Sun SunOS | =5.5.1 | |
| Sun SunOS | =4.1.3u1 | |
| Xinuos UnixWare | =2.0 | |
| Sun SunOS | =4.1.3 | |
| IBM AIX | =4.1 | |
| SCO TCP/IP | =1.2.0 | |
| BSDI BSD/OS | ||
| IBM AIX | =3.2 | |
| FreeBSD Kernel | =2.0 | |
| Sun SunOS |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-1999-0023?
CVE-1999-0023 is classified as a high severity vulnerability due to the potential for local users to gain root privileges.
How do I fix CVE-1999-0023?
To fix CVE-1999-0023, you should apply security patches provided by your software vendor for the affected versions of inet, FreeBSD, AIX, SCO, or SunOS.
Who is affected by CVE-1999-0023?
CVE-1999-0023 affects local users on systems running specific versions of inet, FreeBSD, AIX, SCO Internet FastStart, and SunOS.
What systems are vulnerable to CVE-1999-0023?
Systems vulnerable to CVE-1999-0023 include inet versions 5.01 and 6.01, various FreeBSD versions, AIX versions 3.2 to 4.2, and several versions of SCO and SunOS.
What is the nature of the vulnerability outlined in CVE-1999-0023?
CVE-1999-0023 is a buffer overflow vulnerability in the rdist lookup() function that allows local users to execute code with elevated privileges.
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/references
- agent/description
- agent/last-modified-date
- agent/author
- agent/event
- agent/source
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- collector/nvd-index
- agent/softwarecombine
- agent/tags
- vendor/inet
- canonical/inet
- version/inet/5.01
- version/inet/6.01
- vendor/sco
- canonical/xinuos openserver
- version/xinuos openserver/5.0
- canonical/sco open desktop
- version/sco open desktop/3.0
- vendor/sun
- canonical/sun sunos
- version/sun sunos/5.3
- version/sun sunos/4.1.4
- version/xinuos openserver/2.0
- vendor/ibm
- canonical/ibm aix
- version/ibm aix/4.2
- vendor/freebsd
- canonical/freebsd kernel
- version/freebsd kernel/2.0.5
- version/sco open desktop/2.0
- version/xinuos openserver/5.0.2
- canonical/sco internet faststart
- version/sco internet faststart/1.0
- version/sun sunos/5.5
- canonical/sco tcp/ip
- version/sco tcp/ip/1.2.1
- canonical/xinuos unixware
- version/xinuos unixware/2.1
- version/freebsd kernel/2.2
- version/freebsd kernel/2.1.0
- version/sun sunos/5.4
- version/sun sunos/5.5.1
- version/sun sunos/4.1.3u1
- version/xinuos unixware/2.0
- version/sun sunos/4.1.3
- version/ibm aix/4.1
- version/sco tcp/ip/1.2.0
- vendor/bsdi
- canonical/bsdi bsd/os
- version/ibm aix/3.2
- version/freebsd kernel/2.0