CVE-1999-1165

Summary

CVE-1999-1165 is a vulnerability affecting GNU fingerd version 1.37. The issue lies in the lack of proper privilege dropping before accessing user information, allowing local users to potentially exploit it in two ways. Firstly, they could gain root privileges by crafting a malicious program in the .fingerrc file. Secondly, they could read arbitrary files by creating symbolic links to .plan, .forward, or .project files. This vulnerability is significant as it could lead to serious security consequences if exploited.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.