CVE
- Id
- 187
- CVE No.
- CVE-1999-0187
- Status
- Candidate
- Description
- ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0022. Reason: This candidate is a duplicate of CVE-1999-0022. Notes: All CVE users should reference CVE-1999-0022 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
- Phase
- Modified (20050204)
- Votes
- ACCEPT(2) Hill, Northcutt | RECAST(3) Baker, Frech, Prosser | REJECT(1) Dik | REVIEWING(1) Christey
- Comments
- Prosser> The Sun Patches in Ref roll-up fixes for an earlier BO in | rdist lookup( )(ref CERT 96.14)as well as the BO in rdist function expstr() | (ref CERT 97-23) and various vendor bulletins. However both of these rdist | BO"s affect many more OSs than just Sun, i.e., BSD/OS 2.1, DEC OSF"s, AIX, | FreeBSD, SCO, SGI, etc. Believe this falls into the SF-codebase content | decision | Frech> XF:rdist-bo (error msg formation) | XF:rdist-bo2 (execute code) | XF:rdist-bo3 (execute user-created code) | XF:rdist-sept97 (root from local) | Christey> Duplicate of CVE-1999-0022 (SUN:00179 is referenced in | CERT:CA-97.23.rdist), but as Mike and Andre noted, there | are multiple flaws here, so a RECAST may be necessary. | Dik> As currently phrasedm thissa duplicate of CVE-1999-0022 | Baker> Based on our new philosophy, this should be recast/merged or re-described.
