Vulnerability Name:

CVE-1999-0704 (CCN-3171)

Assigned:1999-08-30
Published:1999-08-30
Updated:2008-09-09
Summary:Buffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: Caldera International, Inc. Security Advisory CSSA-1999-024.0
buffer overflow in amd

Source: CCN
Type: FreeBSD Security Advisory FreeBSD-SA-99:06
remote amd attack

Source: MITRE
Type: CNA
CVE-1999-0704

Source: CCN
Type: RHSA-1999:032-01
Buffer overrun in amd

Source: CCN
Type: BSDI Internet Super Server 4.0.1 Mods (patches)
BSDI Mod M401-017

Source: CCN
Type: CERT Advisory CA-1999-12
Buffer Overflow in amd

Source: CCN
Type: CIAC Information Bulletin J-071
Buffer Overflow Vulnerability in amd

Source: DEBIAN
Type: Debian Security Advisory 19991018a
amd: Buffer overflow in amd -- update

Source: CCN
Type: OSVDB ID: 159
amd AMQPROC_MOUNT Procedure Remote Overflow

Source: BID
Type: UNKNOWN
614

Source: CCN
Type: BID-614
Multiple Vendor amd Buffer Overflow Vulnerability

Source: XF
Type: UNKNOWN
amd-bo(3171)

Vulnerable Configuration:Configuration 1:
  • cpe:/o:bsdi:bsd_os:3.1:*:*:*:*:*:*:*
  • OR cpe:/o:bsdi:bsd_os:4.0.1:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:3.1:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:3.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:4.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:5.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:5.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:5.2:*:i386:*:*:*:*:*
  • OR cpe:/o:redhat:linux:6.0:*:i386:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:windriver:bsdos:*:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:*:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:*:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:5.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:6.0:*:*:*:*:*:*:*
  • AND
  • cpe:/o:ibm:aix:*:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:*:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:*:*:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:*:*:*:*:*:*:*:*
  • OR cpe:/a:data_general:dg_ux:*:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:4.2:*:*:*:*:*:*:*
  • OR cpe:/o:sco:unix:*:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:*:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    bsdi bsd os 3.1
    bsdi bsd os 4.0.1
    freebsd freebsd 3.0
    freebsd freebsd 3.1
    freebsd freebsd 3.2
    redhat linux 4.2
    redhat linux 5.0
    redhat linux 5.1
    redhat linux 5.2
    redhat linux 6.0
    windriver bsdos *
    linux linux kernel *
    freebsd freebsd *
    debian debian linux *
    redhat linux 5.2
    redhat linux 6.0
    ibm aix *
    hp hp-ux *
    sgi irix *
    sun solaris *
    data_general dg ux *
    redhat linux 4.2
    sco unix *
    compaq tru64 *