CVE-1999-1095

4 documents4 sources
Severity
7.2HIGH
EPSS
0.1%
top 79.97%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Redhat LinuxSlackware Slackware Linux
Timeline
PublishedOct 6
Latest updateApr 30

Description

sort creates temporary files and follows symbolic links, which allows local users to modify arbitrary files that are writable by the user running sort, as observed in updatedb and other programs that use sort.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages2 packages

NVDredhat/linux4.1

🔴Vulnerability Details

2
GHSA
GHSA-c285-wp5f-8f3c: sort creates temporary files and follows symbolic links, which allows local users to modify arbitrary files that are writable by the user running sort2022-04-30
CVEList
CVE-1999-1095: sort creates temporary files and follows symbolic links, which allows local users to modify arbitrary files that are writable by the user running sort2001-09-12

💥Exploits & PoCs

1
Exploit-DB
Linux modutils 2.3.9 - 'modprobe' Arbitrary Command Execution2000-11-12
CVE-1999-1095 (HIGH CVSS 7.2) | sort creates temporary files and fo | cvebase.io