PT-1999-1530 · Isc+1 · Named-Xfer+1

Publicado

1999-09-23

Atualizado

2016-10-18

CVE-1999-1013

CVSS v2.0

7.2

Alta

Vetor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions AIX versions 4.1.5 through 4.2.1

Description The issue allows members of the system group to gain root access by overwriting system files. This is achieved via the -f parameter and a malformed zone file in the named-xfer component.

Recommendations For AIX versions 4.1.5 through 4.2.1, consider restricting access to the named-xfer component to prevent potential exploitation. As a temporary workaround, avoid using the -f parameter with malformed zone files until a fix is available.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-1999-1013

Produtos afetados

Aix

Named-Xfer

PT-1999-1530 · Isc+1 · Named-Xfer+1

CVE-1999-1013

Identificadores relacionados

Produtos afetados

Referências · 3