CVE-1999-1471

📅 14 April 2026 at 18:00 UTC📰 NVDView original source ↗

Buffer overflow in passwd in BSD based operating systems 4.3 and earlier allows local users to gain root privileges by specifying a long shell or GECOS field.

🤖 AI BriefingAuto-generated threat analysis

🔍Threat Overview

A buffer overflow vulnerability in the passwd system on BSD-based operating systems version 4.3 and earlier allows local users to gain root privileges by specifying a long shell or GECOS field, posing a significant risk to system security.

⚙️Technical Details

CVEs

CVE-1999-1471

Affected Systems

BSD-based operating systems version 4.3 and earlier

Attack Vectors

AV:L/AC:L/Au:N/C:C/I:C/A:C

💥Impact Assessment

Severity: Unknown

🛡️Recommended Actions

1Regularly review and update user accounts to prevent long shell or GECOS fields from being specified.

2Implement strict access controls for the passwd file to limit modifications.

3Apply patches from reputable sources (e.g., http://www.cert.org/advisories/CA-1989-01.html) to fix the vulnerability.

📦Affected Products

Bsd BsdBSD-based operating systems version 4.3 and earlier

🔐NVD Verified DataVERIFIED

CVE-1999-1471 ↗CVSS 7.2 — HIGH

Attack Vector

LOCAL

Complexity

LOW

Vector String

AV:L/AC:L/Au:N/C:C/I:C/A:C

Affected Products (CPE)

Bsd Bsd

Patches & References

🔧 http://www.cert.org/advisories/CA-1989-01.html 🔧 http://www.securityfocus.com/bid/4 🔧 http://www.cert.org/advisories/CA-1989-01.html 📋 http://www.securityfocus.com/bid/4 📋 http://www.securityfocus.com/bid/4

Read the full article

This is a curated summary. The complete article is available at NVD.

Read on NVD ↗

← Back to feed