CVE-1999-1013 — IBM AIX vulnerability

3 documents3 sources

Severity

7.2HIGHNVD

EPSS

0.1%

top 82.70%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM AIX

Timeline

PublishedSep 23

Latest updateApr 30

Description

named-xfer in AIX 4.1.5 and 4.2.1 allows members of the system group to overwrite system files to gain root access via the -f parameter and a malformed zone file.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

▶NVDibm/aix4.1.5, 4.2.1+1

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-958c-wvqf-f46f: named-xfer in AIX 4↗2022-04-30

▶

CVEList

CVE-1999-1013: named-xfer in AIX 4↗2001-09-12

▶