published date: January 28, 1999

CVE-1999-0461 : Spoofing Vulnerability

Description

Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind allow a remote attacker to insert and delete entries by spoofing a source address.

Product(s):

Linux Kernel 2.6.20.1
SGI IRIX
SGI IRAX
SGI IRIX 4.0.1
SGI IRIX 4.0.1T
SGI IRIX 4.0.2
SGI IRIX 4.0.3
SGI IRIX 4.0.4
SGI IRIX 4.0.4B
SGI IRIX 4.0.4T
SGI IRIX 4.0.5
SGI IRIX 4.0.5 IOP
SGI IRIX 4.0.5A
SGI IRIX 4.0.5B
SGI IRIX 4.0.5D
SGI IRIX 4.0.5E
SGI IRIX 4.0.5F
SGI IRIX 4.0.5G
SGI IRIX 4.0.5H
SGI IRIX 5.0.1
SGI IRIX 5.1.1
SGI IRIX 5.1
SGI IRIX 5.2
SGI IRIX 5.3
SGI IRIX 5.3 XFS
SGI IRIX 6.0.1
SGI IRIX 6.0.1 XFS
SGI IRIX 6.0
SGI IRIX 6.1
SGI IRIX 6.2
SGI IRIX 6.3
SGI IRIX 6.4
SGI IRIX 6.5.10
SGI IRIX 6.5.10f
SGI IRIX 6.5.10m
SGI IRIX 6.5.11
SGI IRIX 6.5.11f
SGI IRIX 6.5.11m
SGI IRIX 6.5.12
SGI IRIX 6.5.12f
SGI IRIX 6.5.12m
SGI IRIX 6.5.13
SGI IRIX 6.5.13f
SGI IRIX 6.5.13m
SGI IRIX 6.5.14
SGI IRIX 6.5.14f
SGI IRIX 6.5.14m
SGI IRIX 6.5.15
SGI IRIX 6.5.15f
SGI IRIX 6.5.15m
SGI IRIX 6.5.16
SGI IRIX 6.5.16f
SGI IRIX 6.5.16m
SGI IRIX 6.5.17
SGI IRIX 6.5.17f
SGI IRIX 6.5.17m
SGI IRIX 6.5.18
SGI IRIX 6.5.18f
SGI IRIX 6.5.18m
SGI IRIX 6.5.19
SGI IRIX 6.5.19f
SGI IRIX 6.5.19m
SGI IRIX 6.5.1
SGI IRIX 6.5.20
SGI IRIX 6.5.20f
SGI IRIX 6.5.20m
SGI IRIX 6.5.21
SGI IRIX 6.5.21f
SGI IRIX 6.5.21m
SGI IRIX 6.5.22
SGI IRIX 6.5.22m
SGI IRIX 6.5.23
SGI IRIX 6.5.24
SGI IRIX 6.5.25
SGI IRIX 6.5.26
SGI IRIX 6.5.27
SGI IRIX 6.5.2
SGI IRIX 6.5.2f
SGI IRIX 6.5.2m
SGI IRIX 6.5.3
SGI IRIX 6.5.3f
SGI IRIX 6.5.3m
SGI IRIX 6.5.4
SGI IRIX 6.5.4f
SGI IRIX 6.5.4m
SGI IRIX 6.5.5
SGI IRIX 6.5.5f
SGI IRIX 6.5.5m
SGI IRIX 6.5.6
SGI IRIX 6.5.6f
SGI IRIX 6.5.6m
SGI IRIX 6.5.7
SGI IRIX 6.5.7f
SGI IRIX 6.5.7m
SGI IRIX 6.5.8
SGI IRIX 6.5.8f
SGI IRIX 6.5.8m
SGI IRIX 6.5.9
SGI IRIX 6.5.9f
SGI IRIX 6.5.9m
+1 additional

CVSS:10 [Critical]
EPSS:1.27%
Exploitability:10
In KEV:No

Question to Ask Vendors:

Can you confirm whether your systems are affected by CVE-1999-0461, and if so, what steps are you currently taking to mitigate this vulnerability?
What is your estimated timeline for fully resolving CVE-1999-0461 in your products or services, and how will you communicate updates on this issue to us as your customer?

Recommended Actions:

Check out the advisory links provided below.

References:

https://nvd.nist.gov/vuln/detail/CVE-1999-0461

READY TO GET RESULTS YOU CAN TRUST?

Get a Demo Contact Sales