PT-1996-1014 · Oracle+1 · Solaris+1

Publicado

1996-12-10

Atualizado

2008-09-09

CVE-1999-0101

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions AIX (affected versions not specified) Solaris (affected versions not specified)

Description The issue is related to a buffer overflow in the "gethostbyname" library call, which can be exploited through corrupt DNS host names to gain root access.

Recommendations For AIX, update to a version that includes a fix for the buffer overflow in the "gethostbyname" library call. For Solaris, update to a version that includes a fix for the buffer overflow in the "gethostbyname" library call. As a temporary workaround, consider restricting DNS host name parsing to minimize the risk of exploitation.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-1999-0101

Produtos afetados

Aix

Solaris

PT-1996-1014 · Oracle+1 · Solaris+1

CVE-1999-0101

Identificadores relacionados

Produtos afetados

Referências · 3