|
|
| CVE-ID | ||
|---|---|---|
CVE-1999-0798 |
• CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
|
|
| Description | ||
| Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type. | ||
| References | ||
| Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete. | ||
|
||
| Assigning CNA | ||
| MITRE Corporation | ||
| Date Record Created | ||
| 19991125 | Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE. | |
| Phase (Legacy) | ||
| Proposed (19991222) | ||
| Votes (Legacy) | ||
| ACCEPT(3) Baker, Ozancin, Stracener MODIFY(1) Frech NOOP(1) Christey |
||
| Comments (Legacy) | ||
Christey> Is CVE-1999-0389 a duplicate of CVE-1999-0798? CVE-1999-0389 has January 1999 dates associated with it, while CVE-1999-0798 was reported in late December. http://marc.theaimsgroup.com/?l=bugtraq&m=91278867118128&w=2 SCO appears to have acknowledged this as well: ftp://ftp.sco.com/SSE/security_bulletins/SB-99.01a The poster also claims that OpenBSD fixed this as well. Frech> XF:bootp-remote-bo Christey> Further analysis indicates that this is a duplicate of CVE-1999-0799 CHANGE> [Christey changed vote from REJECT to NOOP] Christey> What was I thinking? Brian Caswell pointed out that this is *not* the same bug as CVE-1999-0799. As reported in the 1998 Bugtraq post, the bug is in bootpd.c, and is related to providing an htype value that is used as an index into an array, and exceeds the intended boundaries of that array. |
||
| Proposed (Legacy) | ||
| 19991222 | ||
| This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities. | ||
|
You can also search by reference using the CVE Reference Maps.
|
||
| For More Information: CVE Request Web Form (select "Other" from dropdown) | ||