CVE-1999-0434

3 documents3 sources

Severity

7.5HIGH

EPSS

0.4%

top 37.51%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Caldera Openlinux Debian Debian Linux Netbsd Netbsd +2 more

Timeline

PublishedMar 30

Latest updateApr 30

Description

XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

▶NVDredhat/linux5.1

▶NVDsuse/suse_linux5.3

▶NVDcaldera/openlinux1.2

Also affects: Netbsd 1.3.3, Debian Linux 2.0, 2.1

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-2g65-vp99-qwv8: XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain↗2022-04-30

▶

CVEList

CVE-1999-0434: XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain↗2000-02-04

▶