CVE-1999-1295
First published: Tue Sep 17 1996(Updated: )
Transarc DCE Distributed File System (DFS) 1.1 for Solaris 2.4 and 2.5 does not properly initialize the grouplist for users who belong to a large number of groups, which could allow those users to gain access to resources that are protected by DFS.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Transarc DCE Distributed File System | =1.1 | |
| =1.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-1999-1295?
CVE-1999-1295 is considered a high severity vulnerability due to the potential for unauthorized access to DFS-protected resources.
How do I fix CVE-1999-1295?
To fix CVE-1999-1295, ensure proper group initialization in DFS, though updating to a more secure version or migration may be necessary.
Who is affected by CVE-1999-1295?
Users of Transarc DCE Distributed File System version 1.1 on Solaris 2.4 and 2.5 are affected by CVE-1999-1295.
What systems are vulnerable to CVE-1999-1295?
CVE-1999-1295 affects systems running Transarc DCE Distributed File System version 1.1 on Solaris operating systems.
Is CVE-1999-1295 exploitative in nature?
Yes, CVE-1999-1295 can be exploited to gain unauthorized access to protected resources within the DFS.
- collector/nvd-historical
- vendor/transarc
- product/dce distributed file system
- canonical/transarc dce distributed file system
- collector/nvd-index
- agent/references
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/remedy
- agent/severity
- agent/description
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/author
- agent/softwarecombine
- agent/event
- agent/tags
- agent/source
- version/transarc dce distributed file system/1.1