PT-1998-1234 · Slackware · Slackware Linux

Published

1998-04-06

Updated

2008-09-05

CVE-1999-1498

CVSS v2.0

3.6

Low

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions Slackware Linux version 3.4

Description The issue allows a local attacker to read and write to arbitrary files via a symlink attack on the reply file. This is related to the pkgtool in Slackware Linux.

Recommendations For Slackware Linux version 3.4, consider restricting access to the pkgtool until a fix is available, and avoid using it for sensitive operations to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-1999-1498

Affected Products

Slackware Linux

PT-1998-1234 · Slackware · Slackware Linux

CVE-1999-1498

Related Identifiers

Affected Products

References · 3