• CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0022. Reason: This candidate is a duplicate of CVE-1999-0022. Notes: All CVE users should reference CVE-1999-0022 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Assigning CNA
MITRE Corporation
Date Record Created
19990607 Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Modified (20050204)
Votes (Legacy)
ACCEPT(2) Hill, Northcutt
RECAST(3) Baker, Frech, Prosser
REVIEWING(1) Christey
Comments (Legacy)
 Prosser> The Sun Patches in Ref roll-up fixes for an earlier BO in
   rdist lookup( )(ref CERT 96.14)as well as the BO in rdist function expstr()
   (ref CERT 97-23) and various vendor bulletins.  However both of these rdist
   BO's affect many more OSs than just Sun, i.e., BSD/OS 2.1, DEC OSF's, AIX,
   FreeBSD, SCO, SGI, etc.  Believe this falls into the SF-codebase content
 Frech> XF:rdist-bo (error msg formation)
   XF:rdist-bo2 (execute code)
   XF:rdist-bo3 (execute user-created code)
   XF:rdist-sept97 (root from local)
 Christey> Duplicate of CVE-1999-0022 (SUN:00179 is referenced in
   CERT:CA-97.23.rdist), but as Mike and Andre noted, there
   are multiple flaws here, so a RECAST may be necessary.
 Dik> As currently phrasedm thissa duplicate of CVE-1999-0022
 Baker> Based on our new philosophy, this should be recast/merged or re-described.

Proposed (Legacy)
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.