PT-1998-1206 · Red Hat · Red Hat

Published

1998-03-09

Updated

2016-10-18

CVE-1999-1407

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Red Hat Linux 5

Description The ifdhcpc-done script, used for configuring DHCP, contains a flaw that allows local users to append text to arbitrary files. This is achieved through a symlink attack on the dhcplog file.

Recommendations For Red Hat Linux 5, consider restricting access to the ifdhcpc-done script until a patch is available, or apply a configuration change to prevent the script from writing to arbitrary files.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-1999-1407

Affected Products

Red Hat

PT-1998-1206 · Red Hat · Red Hat

CVE-1999-1407

Related Identifiers

Affected Products

References · 5