CVE-1999-0656

CVSS 2.0 Score 5.0 of 10 (medium)

Details

Published Jan 1, 1999
Updated: Nov 20, 2024
CWE ID 16

Summary

CVE-1999-0656 is a vulnerability affecting the ugidd RPC interface. This issue arises due to the interface's design, which permits remote attackers to enumerate valid usernames by specifying arbitrary User IDs (UIDs). The vulnerability allows attackers to map these UIDs to local user and group names, potentially leading to unauthorized access or further exploitation. This information disclosure issue was reported in 1999 and poses a significant security risk to affected systems. System administrators are advised to patch or mitigate this vulnerability promptly to prevent unauthorized enumeration of usernames.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share