Unrated severityNVD Advisory· Published Jun 6, 1999· Updated Apr 16, 2026
CVE-1999-1237
CVE-1999-1237
Description
Multiple buffer overflows in smbvalid/smbval SMB authentication library, as used in Apache::AuthenSmb and possibly other modules, allows remote attackers to execute arbitrary commands via (1) a long username, (2) a long password, and (3) other unspecified methods.
Affected products
19- cpe:2.3:a:apache:http_server:-:*:*:*:*:*:*:*
- osv-coords18 versionspkg:apk/chainguard/apache2pkg:apk/chainguard/apache2-compatpkg:apk/chainguard/apache2-configpkg:apk/chainguard/apache2-config-compatpkg:apk/chainguard/apache2-datapkg:apk/chainguard/apache2-devpkg:apk/chainguard/apache2-docpkg:apk/chainguard/apache2-oci-entrypointpkg:apk/chainguard/apache2-utilspkg:apk/wolfi/apache2pkg:apk/wolfi/apache2-compatpkg:apk/wolfi/apache2-configpkg:apk/wolfi/apache2-config-compatpkg:apk/wolfi/apache2-datapkg:apk/wolfi/apache2-devpkg:apk/wolfi/apache2-docpkg:apk/wolfi/apache2-oci-entrypointpkg:apk/wolfi/apache2-utils
< 2.4.63-r1+ 17 more
- (no CPE)range: < 2.4.63-r1
- (no CPE)range: < 2.4.63-r1
- (no CPE)range: < 2.4.63-r1
- (no CPE)range: < 2.4.63-r1
- (no CPE)range: < 2.4.63-r1
- (no CPE)range: < 2.4.63-r1
- (no CPE)range: < 2.4.63-r1
- (no CPE)range: < 2.4.63-r1
- (no CPE)range: < 2.4.63-r1
- (no CPE)range: < 2.4.63-r1
- (no CPE)range: < 2.4.63-r1
- (no CPE)range: < 2.4.63-r1
- (no CPE)range: < 2.4.63-r1
- (no CPE)range: < 2.4.63-r1
- (no CPE)range: < 2.4.63-r1
- (no CPE)range: < 2.4.63-r1
- (no CPE)range: < 2.4.63-r1
- (no CPE)range: < 2.4.63-r1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.securityfocus.com/archive/1/14384nvdThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/2272nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.