PT-1999-1597 · Unknown · Internet Security Scanner

Published

1999-02-20

Updated

2008-09-05

CVE-1999-1168

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Internet Security Scanner (ISS) for Linux version 5.3

Description The issue allows local users to change the permissions of arbitrary files via a symlink attack on a temporary file used by the install.iss installation script.

Recommendations For version 5.3, consider restricting access to the installation script to prevent unauthorized modifications until a fix is available. As a temporary workaround, monitor file system changes closely to detect potential misuse.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-1999-1168

Affected Products

Internet Security Scanner

PT-1999-1597 · Unknown · Internet Security Scanner

CVE-1999-1168

Related Identifiers

Affected Products

References · 2