CVE-1999-0676

CVSS 2.0 Score 4.6 of 10 (medium)

Details

Published Aug 9, 1999

Updated: Nov 20, 2024

Summary

CVE-1999-0676 is a vulnerability affecting Solaris 2.6 systems. The issue lies with the sdtcm_convert utility, which permits a local user to create a symbolic link to sensitive files. By manipulating the link, an attacker can overwrite these files with malicious data, potentially gaining unauthorized access or causing system instability. This vulnerability underscores the importance of proper file access control and user privilege management to mitigate the risk of such attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Sun Solaris
SunOS

Affected Vendors

Oracle Corp
Sun.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/NWlRE9
https://www.cve.org/CVERecord?id=CVE-1999-0676
https://nvd.nist.gov/vuln/detail/CVE-1999-0676

Back to Vulnerability Database