Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).
CVE-1999-0433
4 documents, 4 sources
Severity
4.6 MEDIUM
EPSS
0.2%
top 61.49%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Timeline
Published: Mar 21
Latest update: Apr 30
Description
XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
CVSS vector
AV:L/AC:L/C:P/I:P/A:P
Exploitability: 3.9 | Impact: 6.4
Affected Packages: 4 packages
Also affects: Netbsd 1.3.2, 1.3.3
Vulnerability Details: 2
GHSA
GHSA-vfv2-37hx-mr4p: XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to ga… (2022-04-30)
CVEList
CVE-1999-0433: XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to ga… (1999-09-29)