CVE-1999-0857

CVSS 2.0 Score 2.1 of 10 (low)

Details

Published Dec 1, 1999

Updated: Nov 20, 2024

Summary

CVE-1999-0857 is a vulnerability affecting the FreeBSD gdc (graphical password change) program. This issue permits local users to manipulate file permissions through a symbolic link attack. By creating a specially crafted symbolic link, an attacker can gain write access to files they shouldn't be able to modify, potentially leading to data integrity issues and unauthorized system changes. This vulnerability poses a significant security risk for systems running the affected version of FreeBSD gdc.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

FreeBSD

Affected Vendors

FreeBSD Project

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/NEUHe6
https://www.cve.org/CVERecord?id=CVE-1999-0857
https://nvd.nist.gov/vuln/detail/CVE-1999-0857

Back to Vulnerability Database