CVE-1999-1013 : named-xfer in AIX 4.1.5 and 4.2.1 allows members of the system group to overwrite system files to gain root access via t

named-xfer in AIX 4.1.5 and 4.2.1 allows members of the system group to overwrite system files to gain root access via the -f parameter and a malformed zone file.

Published 1999-09-23 04:00:00

Updated 2016-10-18 02:00:11

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-1999-1013

Probability of exploitation activity in the next 30 days: 0.05%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 12 % EPSS Score History EPSS FAQ

CVSS scores for CVE-1999-1013

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-1999-1013

http://marc.info/?l=bugtraq&m=93837026726954&w=2
http://www.securityfocus.com/bid/673

Exploit;Patch;Vendor Advisory

Products affected by CVE-1999-1013

IBM » AIX » Version: 4.2.1
cpe:2.3:o:ibm:aix:4.2.1:*:*:*:*:*:*:*
Matching versions
IBM » AIX » Version: 4.1.5
cpe:2.3:o:ibm:aix:4.1.5:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-1999-1013

Exploit prediction scoring system (EPSS) score for CVE-1999-1013

CVSS scores for CVE-1999-1013

References for CVE-1999-1013

Products affected by CVE-1999-1013