CVE-1999-1075 — IBM AIX vulnerability

5 documents4 sources

Severity

5.0MEDIUMNVD

EPSS

0.8%

top 26.08%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM AIX

Timeline

PublishedMar 18

Latest updateApr 30

Description

inetd in AIX 4.1.5 dynamically assigns a port N when starting ttdbserver (ToolTalk server), but also inadvertently listens on port N-1 without passing control to ttdbserver, which allows remote attackers to cause a denial of service via a large number of connections to port N-1, which are not properly closed by inetd.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDibm/aix4.1.5

🔴Vulnerability Details

GHSA

GHSA-pfhq-836m-g5x5: inetd in AIX 4↗2022-04-30

▶

CVEList

CVE-1999-1075: inetd in AIX 4↗2001-09-12

▶

🔍Detection Rules

Suricata

GPL RPC portmap ttdbserv request TCP↗2010-09-23

▶

Suricata

GPL RPC portmap ttdbserv request UDP↗2010-09-23

▶