CVE-1999-1389
First published: Mon May 11 1998(Updated: )
US Robotics/3Com Total Control Chassis with Frame Relay between 3.6.22 and 3.7.24 does not properly enforce access filters when the "set host prompt" setting is made for a port, which allows attackers to bypass restrictions by providing the hostname twice at the "host: " prompt.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| 3com Total Control Netserver Card | <=3.7.24 | |
| <=3.7.24 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-1999-1389?
CVE-1999-1389 is considered a high severity vulnerability due to the potential for attackers to bypass access restrictions.
How do I fix CVE-1999-1389?
To fix CVE-1999-1389, upgrade the US Robotics/3Com Total Control Chassis to a version later than 3.7.24 to ensure proper access filter enforcement.
What systems are affected by CVE-1999-1389?
CVE-1999-1389 affects the US Robotics/3Com Total Control Chassis versions between 3.6.22 and 3.7.24.
Can CVE-1999-1389 be exploited remotely?
Yes, CVE-1999-1389 can be exploited remotely since it allows attackers to bypass access controls via the host prompt.
What is the impact of CVE-1999-1389?
The impact of CVE-1999-1389 includes unauthorized access, which may lead to manipulation of the device settings and potential network compromise.
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/description
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/author
- agent/softwarecombine
- agent/event
- agent/tags
- agent/source
- vendor/3com
- canonical/3com total control netserver card
- version/3com total control netserver card/3.7.24