Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-1499Bind vulnerability

4 documents4 sources
Severity
2.1LOWNVD
EPSS
0.5%
top 32.42%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
ISC Bind
Timeline
PublishedApr 10
Latest updateApr 30

Description

named in ISC BIND 4.9 and 8.1 allows local users to destroy files via a symlink attack on (1) named_dump.db when root kills the process with a SIGINT, or (2) named.stats when SIGIOT is used.

CVSS vector

AV:L/AC:L/C:N/I:P/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

NVDisc/bind4.9, 8.1+1

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-wg36-cvm4-gq96: named in ISC BIND 42022-04-30
CVEList
CVE-1999-1499: named in ISC BIND 42001-09-12

💥Exploits & PoCs

1
Exploit-DB
ISC BIND 4.9.7 -T1B - named SIGINT / SIGIOT Symlink1998-04-10
CVE-1999-1499 — ISC Bind vulnerability | cvebase