CVE-1999-1298

Name of the Vulnerable Software and Affected Versions FreeBSD versions 2.2.1 and earlier

Description The issue concerns the configuration of anonymous FTP by Sysinstall. When this configuration is set up, it creates an ftp user without a password and assigns /bin/date as the shell. This setup could potentially allow attackers to access certain system resources.

Recommendations For versions 2.2.1 and earlier, consider setting a strong password for the ftp user and changing the shell assignment to a more secure option to prevent unauthorized access. As a temporary workaround, restrict access to the ftp user account until a more permanent solution can be applied.