CVE-1999-1295

Name of the Vulnerable Software and Affected Versions Transarc DCE Distributed File System (DFS) version 1.1 for Solaris 2.4 and 2.5

Description The issue arises from the improper initialization of the grouplist for users who are part of a large number of groups. This could potentially allow such users to access resources protected by DFS that they should not have access to.

Recommendations For Transarc DCE Distributed File System (DFS) version 1.1 on Solaris 2.4 and 2.5, consider restricting access to sensitive resources until a proper fix is applied to ensure grouplist initialization is handled correctly for users with multiple group memberships. At the moment, there is no information about a newer version that contains a fix for this vulnerability.