Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-1498

4 documents4 sources
Severity
3.6LOW
EPSS
0.4%
top 41.70%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Slackware Slackware Linux
Timeline
PublishedApr 6
Latest updateApr 30

Description

Slackware Linux 3.4 pkgtool allows local attacker to read and write to arbitrary files via a symlink attack on the reply file.

CVSS vector

AV:L/AC:L/C:P/I:P/A:NExploitability: 3.9 | Impact: 4.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-r9wh-3q4r-xc56: Slackware Linux 32022-04-30
CVEList
CVE-1999-1498: Slackware Linux 32001-09-12

💥Exploits & PoCs

1
Exploit-DB
Slackware Linux 3.4 - 'pkgtool' Temporary File1998-04-06
CVE-1999-1498 (LOW CVSS 3.6) | Slackware Linux 3.4 pkgtool allows | cvebase.io