7.5
CWE
NVD-CWE-Other
Advisory Published
CVE Published
Updated

CVE-1999-0687

First published: Mon Sep 13 1999(Updated: )

The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.

Credit: cve@mitre.org cve@mitre.org

Affected SoftwareAffected VersionHow to fix
cde cde=1.0.1
cde cde=1.0.2
cde cde=1.1
cde cde=2.1
cde cde=1.2
cde cde=2.120
cde cde=2.0
IBM AIX=4.3.2
IBM AIX=4.3
Sun SunOS=5.3
IBM AIX=4.2.1
Sun SunOS=4.1.4
Oracle Solaris and Zettabyte File System (ZFS)=2.4
Digital OpenVMS=4.0d
Oracle Solaris and Zettabyte File System (ZFS)=2.5.1
Oracle Solaris and Zettabyte File System (ZFS)=2.5
IBM AIX=4.1.4
IBM AIX=4.2
Digital OpenVMS=4.0f
IBM AIX=4.1.5
Sun SunOS=5.7
Sun SunOS=5.5
Oracle Solaris and Zettabyte File System (ZFS)=7.0
IBM AIX=4.1.1
Sun SunOS=5.4
Sun SunOS=5.5.1
IBM AIX=4.1.2
IBM AIX=4.3.1
Sun SunOS=4.1.3u1
IBM AIX=4.1
IBM AIX=4.1.3
Oracle Solaris and Zettabyte File System (ZFS)=2.6
Sun SunOS
cde=1.0.1
cde=1.0.2
cde=1.1
cde=1.2
cde=2.0
cde=2.1
cde=2.120
SunOS
SunOS=4.1.3u1
SunOS=4.1.4
SunOS=5.3
SunOS=5.4
SunOS=5.5
SunOS=5.5.1
SunOS=5.7
=1.0.1
=1.0.2
=1.1
=1.2
=2.0
=2.1
=2.120
=4.0d
=4.0f
=4.1
=4.1.1
=4.1.2
=4.1.3
=4.1.4
=4.1.5
=4.2
=4.2.1
=4.3
=4.3.1
=4.3.2
=2.4
=2.5
=2.5.1
=2.6
=7.0
=4.1.3u1
=4.1.4
=5.3
=5.4
=5.5
=5.5.1
=5.7

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is the severity of CVE-1999-0687?

    CVE-1999-0687 is classified as a high severity vulnerability due to its potential to allow remote command execution.

  • How do I fix CVE-1999-0687?

    To fix CVE-1999-0687, update the affected ToolTalk ttsession daemon to a version that implements stronger RPC authentication.

  • Which software versions are affected by CVE-1999-0687?

    CVE-1999-0687 affects ToolTalk versions 1.0.1, 1.0.2, 1.1, 1.2, 2.0, and various versions of IBM AIX and Sun Solaris.

  • What is the risk associated with CVE-1999-0687?

    The risk associated with CVE-1999-0687 includes unauthorized remote command execution by attackers exploiting weak RPC authentication.

  • Is CVE-1999-0687 still relevant today?

    While CVE-1999-0687 may seem outdated, its implications are still relevant as many systems may still operate on affected software versions.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203