CVE-1999-1295 — MEDIUM (4.6)

Vulnerability Description

Transarc DCE Distributed File System (DFS) 1.1 for Solaris 2.4 and 2.5 does not properly initialize the grouplist for users who belong to a large number of groups, which could allow those users to gain access to resources that are protected by DFS.

CVSS Score

4.6

MEDIUM

AV:L/AC:L/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Transarc	Dce Distributed File System	1.1

References

http://www.cert.org/vendor_bulletins/VB-96.16.transarcPatchThird Party AdvisoryUS Government Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/7154
http://www.cert.org/vendor_bulletins/VB-96.16.transarcPatchThird Party AdvisoryUS Government Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/7154

FAQ

What is CVE-1999-1295?

CVE-1999-1295 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Transarc DCE Distributed File System (DFS) 1.1 for Solaris 2.4 and 2.5 does not properly initialize the grouplist for users who belong to a large number of groups, which could allow those users to gai...

How severe is CVE-1999-1295?

CVE-1999-1295 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-1999-1295?

Check the references section above for vendor advisories and patch information. Affected products include: Transarc Dce Distributed File System.