Lucene search

K
cve[email protected]CVE-1999-1075
HistoryMar 18, 1998 - 5:00 a.m.

CVE-1999-1075

1998-03-1805:00:00
NVD-CWE-Other
web.nvd.nist.gov
31
cve-1999-1075
aix 4.1.5
inetd
denial of service
dos
ttdbserver
tooltalk server
port n-1

7.4 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.003 Low

EPSS

Percentile

70.0%

inetd in AIX 4.1.5 dynamically assigns a port N when starting ttdbserver (ToolTalk server), but also inadvertently listens on port N-1 without passing control to ttdbserver, which allows remote attackers to cause a denial of service via a large number of connections to port N-1, which are not properly closed by inetd.

CPENameOperatorVersion
ibm:aixibm aixeq4.1.5

7.4 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.003 Low

EPSS

Percentile

70.0%