CVE-1999-1491

Name of the Vulnerable Software and Affected Versions Red Hat version 2.1

Description The issue allows local users to execute arbitrary commands by exploiting the relative pathnames used by abuse.console to find and execute the undrv program. This can be achieved by creating a path that points to a Trojan horse program.

Recommendations For Red Hat version 2.1, consider restricting access to the abuse.console and undrv programs to minimize the risk of exploitation. As a temporary workaround, avoid using relative pathnames to execute the undrv program until a more permanent solution is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.