CVE-ID

CVE-1999-0243

• CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Linux cfingerd could be exploited to gain root access.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Assigning CNA
MITRE Corporation
Date Record Created
19990607 Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Proposed (19990714)
Votes (Legacy)
ACCEPT(1) Shostack
NOOP(4) Baker, Levy, Northcutt, Wall
REJECT(2) Christey, Frech
Comments (Legacy)
 Christey> This has no sources; neither does the original database that
   this entry came from.  It's a likely duplicate of 
   CVE-1999-0813.
 Frech> I disagree on the dupe; see Linux-Security Mailing List,
   "[linux-security] Cfinger (Yet more :)" at
   http://www.geocrawler.com/archives/3/92/1996/9/0/2217716/. Seems as
   if v1.2.3 is vulnerable, perhaps 1.3.0 also. CVE-1999-0813 pertains
   to 1.4.x and below and shows up two years later.
 CHANGE> [Frech changed vote from REVIEWING to REJECT]
 Frech> If the reference I previously supplied is correct, then
   it appears as if the poster modified the source using authorized 
   access to make it vulnerable. Modifying the source in this manner 
   does not qualify as being listed a vulnerability.
   I disagree on the dupe; see Linux-Security Mailing List,
   "[linux-security] Cfinger (Yet more :)" at
   http://www.geocrawler.com/archives/3/92/1996/9/0/2217716/. Seems as
   if v1.2.3 is vulnerable, perhaps 1.3.0 also. CVE-1999-0813 pertains
   to 1.4.x and below and shows up two years later.

Proposed (Legacy)
19990714
This is a record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.