{"id": "CVE-1999-0048", "bulletinFamily": "NVD", "title": "CVE-1999-0048", "description": "Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root privileges.", "published": "1997-01-27T05:00:00", "modified": "2008-09-09T12:33:00", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-0048", "reporter": "cve@mitre.org", "references": ["http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/147"], "cvelist": ["CVE-1999-0048"], "type": "cve", "lastseen": "2019-05-29T18:07:35", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "32c3f8daf7ab5925a46139019e3c7f06"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "a2945cae18e535b3d064bc1ee9173da5"}, {"key": "cpe23", "hash": "c19fce422c14d71f6cb51030cfcf5952"}, {"key": "cvelist", "hash": "d7afefca6b90681dc8a47ab5c9b251df"}, {"key": "cvss", "hash": "edfca85c4c320ffaa9dcfdcb6a20ce1d"}, {"key": "cvss2", "hash": "11e56c2d8f36b1920223217250e3f2a6"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "78a7a5cbaf09985c14389298e454e7db"}, {"key": "description", "hash": "2c7a542eb35230eb68e4447fac0131be"}, {"key": "href", "hash": "e7fd2411eb87de4fa41bd622f5f86ca7"}, {"key": "modified", "hash": "d319ad6d1764a42a39d8e0b88223f660"}, {"key": "published", "hash": "19d923dd1805addbaceef1e67debbf51"}, {"key": "references", "hash": "f16ebeee8cff04d3b0553cc66003396e"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "f5d421690fd34fe6f0d1c8a27a94019b"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "9609fdb6dbbe97375495573291fadf74a45db29b2e983ce0aef0b54c9180eb8d", "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "osvdb", "idList": ["OSVDB:8203"]}], "modified": "2019-05-29T18:07:35"}, "score": {"value": 8.9, "vector": "NONE", "modified": "2019-05-29T18:07:35"}, "vulnersScore": 8.9}, "objectVersion": "1.3", "cpe": ["cpe:/a:nec:up-ux_v:*", "cpe:/a:nec:ews-ux_v:*", "cpe:/o:ibm:aix:3.1", "cpe:/a:ibm:aix:3.1", "cpe:/o:ibm:aix:4.2", "cpe:/a:ibm:aix:4.2", "cpe:/a:debian:netkit:0.07", "cpe:/o:ibm:aix:4.1", "cpe:/a:nec:asl_ux_4800:*", "cpe:/o:nec:up-ux_v:*", "cpe:/o:nec:ews-ux_v:*", "cpe:/o:nec:asl_ux_4800:*", "cpe:/a:ibm:aix:4.1"], "affectedSoftware": [{"name": "ibm aix", "operator": "eq", "version": "4.2"}, {"name": "nec up-ux_v", "operator": "eq", "version": "*"}, {"name": "ibm aix", "operator": "eq", "version": "3.1"}, {"name": "ibm aix", "operator": "eq", "version": "4.1"}, {"name": "debian netkit", "operator": "eq", "version": "0.07"}, {"name": "nec ews-ux_v", "operator": "eq", "version": "*"}, {"name": "nec asl_ux_4800", "operator": "eq", "version": "*"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*", "cpe:2.3:o:nec:ews-ux_v:*:*:*:*:*:*:*:*", "cpe:2.3:o:nec:asl_ux_4800:*:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:aix:3.1:*:*:*:*:*:*:*", "cpe:2.3:o:nec:up-ux_v:*:*:*:*:*:*:*:*", "cpe:2.3:a:debian:netkit:0.07:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*"], "cwe": ["NVD-CWE-Other"]}

{"osvdb": [{"lastseen": "2017-04-28T13:20:03", "bulletinFamily": "software", "description": "## Vulnerability Description\nA remote overflow exists in talkd. The talkd fails to check bounds on the buffer where the hostname is stored resulting in a stack space overflow. With a specially crafted DNS entry, an attacker can cause remote execution of arbitrary commands with root privileges resulting in a loss of integrity.\n## Solution Description\nUpgrade to an unaffected version (see external references for your system). It is also possible to correct the flaw by implementing the following workaround: Disable talkd.\n## Short Description\nA remote overflow exists in talkd. The talkd fails to check bounds on the buffer where the hostname is stored resulting in a stack space overflow. With a specially crafted DNS entry, an attacker can cause remote execution of arbitrary commands with root privileges resulting in a loss of integrity.\n## References:\n[Vendor Specific Advisory URL](http://www.securityfocus.com/advisories/1501)\n[Vendor Specific Advisory URL](ftp://patches.sgi.com/support/free/security/advisories/19970701-01-PX)\n[Vendor Specific Advisory URL](http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/147&type=0&nav=sec.sba)\n[Vendor Specific Advisory URL](ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/old/FreeBSD-SA-96:21.talkd.asc)\nOther Advisory URL: http://www.auscert.org.au/render.html?it=1875&cid=1\nISS X-Force ID: 453\n[CVE-1999-0048](https://vulners.com/cve/CVE-1999-0048)\nCERT: CA-1997-04\nBugtraq ID: 210\n", "modified": "1997-01-18T00:00:00", "published": "1997-01-18T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:8203", "id": "OSVDB:8203", "type": "osvdb", "title": "Multiple Vendor in.talkd Crafted DNS Response Remote Overflow", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}