CVE-1999-0084

CVSS 3.1 Score 8.4 of 10 (high)

Details

Published May 1, 1990
Updated: Aug 1, 2024
CWE ID 269

Summary

CVE-1999-0084 is a vulnerability affecting certain Network File System (NFS) servers. This issue permits users to exploit a weakness in handling mknod commands, allowing them to create a writable kmem device and set its User ID (UID) to 0. By doing so, attackers can gain privileged access, potentially leading to serious security implications, including unauthorized system modification and data theft. This vulnerability underscores the importance of applying security patches and maintaining up-to-date NFS servers to protect against such unintended privilege escalations.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share