CVE-1999-1139

CVSS 2.0 Score 7.2 of 10 (high)

Details

Published Sep 1, 1997

Updated: Nov 20, 2024

Summary

CVE-1999-1139 is a vulnerability affecting the Character-Terminal User Environment (CUE) in HP-UX 11.0 and earlier versions. Hackers can exploit this issue by creating a symbolic link to the IOERROR.mytty file, allowing them to overwrite arbitrary files and ultimately gain root privileges. This vulnerability poses a significant risk, as local users can exploit it without requiring network access or sophisticated hacking tools. HP-UX systems running CUE prior to version 11.1 should be patched immediately to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

HP-UX
HP-UX family of operating systems

Affected Vendors

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/NWlXEs
https://www.cve.org/CVERecord?id=CVE-1999-1139
https://nvd.nist.gov/vuln/detail/CVE-1999-1139

Back to Vulnerability Database