Vulnerabilities > CVE-1999-1301 - Unspecified vulnerability in Freebsd

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

freebsd

NVD

Published: 1996-07-16

Updated: 2024-11-20

Summary

A design flaw in the Z-Modem protocol allows the remote sender of a file to execute arbitrary programs on the client, as implemented in rz in the rzsz module of FreeBSD before 2.1.5, and possibly other programs.

Vulnerable Configurations

Part	Description	Count
OS	Freebsd Freebsd Freebsd - Freebsd Freebsd 0.4_1 Freebsd Freebsd 1.0 Freebsd Freebsd 1.1 Freebsd Freebsd 1.1.5 Freebsd Freebsd 1.1.5.1 Freebsd Freebsd 1.2 Freebsd Freebsd 1.5 Freebsd Freebsd 2.0 Freebsd Freebsd 2.0.1 Freebsd Freebsd 2.0.5 Freebsd Freebsd 2.1 Freebsd Freebsd 2.1.0 Freebsd Freebsd 2.1.5	14

References

ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/old/FreeBSD-SA-96:17.rzsz.asc
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/old/FreeBSD-SA-96:17.rzsz.asc
http://ciac.llnl.gov/ciac/bulletins/g-31.shtml
http://ciac.llnl.gov/ciac/bulletins/g-31.shtml
http://www.iss.net/security_center/static/7540.php
http://www.iss.net/security_center/static/7540.php