PT-1999-1530 · Isc+1 · Named-Xfer+1

Published

1999-09-23

Updated

2016-10-18

CVE-1999-1013

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions AIX versions 4.1.5 through 4.2.1

Description The issue allows members of the system group to gain root access by overwriting system files. This is achieved via the -f parameter and a malformed zone file in the named-xfer component.

Recommendations For AIX versions 4.1.5 through 4.2.1, consider restricting access to the named-xfer component to prevent potential exploitation. As a temporary workaround, avoid using the -f parameter with malformed zone files until a fix is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-1999-1013

Affected Products

Aix

Named-Xfer

PT-1999-1530 · Isc+1 · Named-Xfer+1

CVE-1999-1013

Related Identifiers

Affected Products

References · 3