CVE-1999-0298

CVSS 2.0 Score 7.5 of 10 (high)

Details

Published Feb 5, 1997
Updated: Sep 9, 2008

Summary

CVE-1999-0298 is a vulnerability affecting the ypbind utility in Linux Slackware and SunOS. When the -ypset and -ypsetme options are activated, attackers, whether local or remote, can exploit a ".." (dot dot) attack to overwrite files. This issue poses a significant security risk, allowing unauthorized modification or deletion of critical system configurations and data. Attackers can exploit this vulnerability to gain elevated privileges, leading to potential system compromise. It is essential to apply the available patches or updates to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share