CVE-1999-0002

Bsdi Bsd OS - Memory Corruption

Title source: rule
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-0002. PoCs published by LucySoft.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in the mountd daemon's logging code, specifically in NFS servers running certain Linux implementations. It uses a crafted buffer to overwrite the return address and execute shellcode, leading to remote code execution.

Description

Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems.

Exploits (1)

exploitdb WORKING POC VERIFIED
by LucySoft · cremotelinux
https://www.exploit-db.com/exploits/19096

This exploit targets a buffer overflow vulnerability in the mountd daemon's logging code, specifically in NFS servers running certain Linux implementations. It uses a crafted buffer to overwrite the return address and execute shellcode, leading to remote code execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: NFS servers with vulnerable mountd (e.g., Red Hat Linux 5.1 with nfs-server-2.2beta29)
No auth needed
Prerequisites: Network access to the vulnerable NFS server · NFS server with vulnerable mountd running
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, US Government Resource third-party-advisory government-resource x_refsource_ciac
http://www.ciac.org/ciac/bulletins/j-006.shtml
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/121
Vendor Advisory vendor-advisory x_refsource_sgi
ftp://patches.sgi.com/support/free/security/advisories/19981006-01-I

Scores

EPSS 0.2786
EPSS Percentile 97.9%

Details

CWE
CWE-119
Status published
Products (10)
bsdi/bsd_os 1.1
caldera/openlinux 1.2
redhat/linux 2.0
redhat/linux 2.1
redhat/linux 3.0.3
redhat/linux 4.0
redhat/linux 4.1
redhat/linux 4.2
redhat/linux 5.0
redhat/linux 5.1
Published Oct 12, 1998
Tracked Since Feb 18, 2026