CVE-1999-0195

CVSS 2.0 Score 5.0 of 10 (medium)

Details

Published Jul 1, 1997
Updated: Nov 20, 2024

Summary

CVE-1999-0195 is a denial-of-service vulnerability affecting RPC portmapper. Attackers can exploit this issue by registering or unregistering RPC services, or by spoofing RPC services using a fake IP address like 127.0.0.1. This allows them to cause the service to become unavailable, potentially causing disruptions and downtime for affected systems. The vulnerability arises due to insufficient input validation and access control checks in the portmapper protocol. It is recommended that affected systems be updated with the appropriate patches to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • SGI IRAX
  • Linux Kernel

Affected Vendors

  • LINUX
  • Saskatchewan Government Insurance