CVE-1999-1214

Published: Sep 15, 1997Modified: Apr 16, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID.

Affected (6)

Products: Sgi: Irix · Bsd: Bsd · Freebsd: Freebsd · +2 more

Show all products

Sgi: Irix · Bsd: Bsd · Freebsd: Freebsd · Netbsd: Netbsd · Openbsd: Openbsd

1 product

1 product

1 product

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sgi Irix	All versions

Configuration B

5 vulnerable

Vulnerable Software	Affected Versions
Bsd Bsd	All versions
Bsd Bsd	Version 4.4
Freebsd Freebsd	Version 6.2 stable
Netbsd Netbsd	Version 2.0.4
Openbsd Openbsd	Version 2.1

Related CWEs

References (8)

http://www.openbsd.com/advisories/signals.txt

Source: cve@mitre.org

http://www.openbsd.com/advisories/signals.txt

Source: cve@mitre.org

http://www.osvdb.org/11062

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/556

Source: cve@mitre.org

http://www.openbsd.com/advisories/signals.txt

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openbsd.com/advisories/signals.txt

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/11062

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/556

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.