CVE-1999-1301

CVSS 2.0 Score 7.5 of 10 (high)

Details

Published Jul 16, 1996

Updated: Nov 20, 2024

Summary

CVE-1999-1301 is a design flaw affecting the Z-Modem protocol, which permits a remote sender to execute arbitrary programs on a client. Specifically, this vulnerability was identified in the rz tool within the rzsz module of FreeBSD versions prior to 2.1.5. The sender can manipulate the file transfer protocol to inject and run malicious code on the client system. This weakness could potentially impact other software implementing the Z-Modem protocol as well.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

FreeBSD

Affected Vendors

FreeBSD Project

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/NEUHdw
https://www.cve.org/CVERecord?id=CVE-1999-1301
https://nvd.nist.gov/vuln/detail/CVE-1999-1301

Back to Vulnerability Database