Back to CVE Browser

CVE-1999-0498

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0380%

EPSS Percentile33.40th

PublishedSep 27, 1991

Last ModifiedApr 16, 2026

Vulnerability Description

TFTP is not running in a restricted directory, allowing a remote attacker to access sensitive information such as password files.

Affected Platforms (CPE)

No CPE configurations currently published for this record.

References & Advisories

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0498

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0498

Related Vulnerabilities

CVE-1999-051510.0

An unrestricted remote trust relationship for Unix systems has been set up, e.g. by using a + sign in /etc/hosts.equiv.

CVE-1999-051210.0

A mail server is explicitly configured to allow SMTP mail relay, which allows abuse by spammers.

CVE-1999-079910.0

Buffer overflow in bootpd 2.4.3 and earlier via a long boot file location.

CVE-1999-052710.0

The permissions for system-critical data in an anonymous FTP account are inappropriate. For example, the root directory is writea...