CVE Catalog

CVE-1999-1407

Low
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.39%

31th percentile — higher than 31% of all known CVEs

Summary

The ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows local users to append text to arbitrary files via a symlink attack on the dhcplog file.

Risk Assessment

An attacker could modify critical system files, potentially leading to unauthorized configuration changes or data leaks.

Recommendation

It is recommended to restrict access to the ifdhcpc-done script and monitor log files for unauthorized changes.

Original NVD description (English source)

ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows local users to append text to arbitrary files via a symlink attack on the dhcplog file.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS