CVE-1999-1237
Apache Http — CWE-120
- Published: 1999-06-06T04:00:00.000
- Last modified: 2025-04-03T01:03:51.193
- Vendors: Apache
- Products: Http
- CWE: CWE-120
CVE-1999-1237 — Multiple buffer overflows in smbvalid/smbval SMB authentication library, as used in Apache::AuthenSmb and possibly other modules, allows remote attackers to execute arbitrary commands via (1) a long username, (2) a long password, and (3) other unspecified methods. [Weakness: CWE-120]
Related CVE by CWE
No related CWE found.
Top CVE for Vendor
No items for this vendor.
Recently Exploited Similar Vulnerabilities
No recent KEV-listed items for this vendor/product.
Multiple buffer overflows in smbvalid/smbval SMB authentication library, as used in Apache::AuthenSmb and possibly other modules, allows remote attackers to execute arbitrary commands via (1) a long username, (2) a long password, and (3) other unspecified methods.
🧠 Explainer: What this vulnerability means
Summary: The issue in Http by Apache (CWE: unspecified) may enable attacks.
Impact: It may allow privilege escalation, data exposure, or service interruption.
Mitigation: Upgrade immediately to the remediated release and follow vendor hardening guidance.
- http://www.securityfocus.com/archive/1/14384 [Third Party Advisory, VDB Entry]
- https://exchange.xforce.ibmcloud.com/vulnerabilities/2272 [Third Party Advisory, VDB Entry]
- http://www.securityfocus.com/archive/1/14384 [Third Party Advisory, VDB Entry]
- https://exchange.xforce.ibmcloud.com/vulnerabilities/2272 [Third Party Advisory, VDB Entry]
No explicit mitigation/advisory links found in references.