CVE-1999-0022

CVSS 2.0 Score 7.2 of 10 (high)

Details

Published Jul 3, 1996
Updated: Nov 20, 2024
CWE ID 125

Summary

CVE-1999-0022 is a vulnerability affecting the rdist utility, where a local user can exploit a buffer overflow issue in the expstr() function. By sending crafted data to this function, an attacker can gain root privileges, significantly escalating their access level within the affected system. This vulnerability poses a serious risk, especially in environments where rdist is used extensively, and patching it promptly is essential to mitigate potential attacks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • SGI IRAX
  • IBM AIX
  • SunOS
  • FreeBSD
  • Sun Solaris

Affected Vendors

  • IBM Corporation
  • Oracle Corp
  • Sun.
  • FreeBSD Project
  • Saskatchewan Government Insurance