CVE Catalog

CVE-1999-1221

Low
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.62%

45th percentile — higher than 45% of all known CVEs

Summary

The vulnerability in dxchpwd in Digital Unix (OSF/1) 3.x allows local users to modify arbitrary files via a symlink attack on the dxchpwd.log file.

Risk Assessment

An attacker could exploit this vulnerability to unauthorized file modifications, potentially leading to serious security breaches in the system.

Recommendation

It is recommended to restrict access to the dxchpwd.log file and to monitor and audit file operations in the system.

Original NVD description (English source)

dxchpwd in Digital Unix (OSF/1) 3.x allows local users to modify arbitrary files via a symlink attack on the dxchpwd.log file.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS