CVE-1999-1486 — IBM AIX vulnerability

3 documents3 sources

Severity

1.2LOWNVD

EPSS

0.1%

top 74.83%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM AIX

Timeline

PublishedFeb 25

Latest updateApr 30

Description

sadc in IBM AIX 4.1 through 4.3, when called from programs such as timex that are setgid adm, allows local users to overwrite arbitrary files via a symlink attack.

CVSS vector

AV:L/AC:H/C:N/I:P/A:NExploitability: 1.9 | Impact: 2.9

Affected Packages1 packages

▶NVDibm/aix9 versions+8

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-p363-v5h3-2749: sadc in IBM AIX 4↗2022-04-30

▶

CVEList

CVE-1999-1486: sadc in IBM AIX 4↗2004-09-01

▶