Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-1999-1407

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-1999-1407
Last Modified 05 Sep 2008 04:19:26
Published 09 Mar 1998 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-1999-1407

Summary

ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows local users to append text to arbitrary files via a symlink attack on the dhcplog file.

Vulnerable Systems

Operating System

  • Redhat Linux 5.0


References

CONFIRM - http://www.redhat.com/support/errata/rh50-errata-general.html#initscripts

BUGTRAQ - 19980309 *sigh* another RH5 /tmp problem

BID - 368

XF - initscripts-ifdhcpdone-dhcplog-symlink(7294)


Last Updated: 27 May 2016 10:35:24