CVE-1999-1301

Description

A design flaw in the Z-Modem protocol allows the remote sender of a file to execute arbitrary programs on the client, as implemented in rz in the rzsz module of FreeBSD before 2.1.5, and possibly other programs.

Severity

Overall Severity: N/A

CVSS Metrics

Type	Score	Severity	Vector

Affected Products

References

• ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/old/FreeBSD-SA-96:17.rzsz.asc
  PatchVendor Advisory
• http://ciac.llnl.gov/ciac/bulletins/g-31.shtml
  PatchVendor Advisory
• http://www.iss.net/security_center/static/7540.php
• ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/old/FreeBSD-SA-96:17.rzsz.asc
  PatchVendor Advisory
• http://ciac.llnl.gov/ciac/bulletins/g-31.shtml
  PatchVendor Advisory
• http://www.iss.net/security_center/static/7540.php