CVE-1999-1286

CVSS 2.0 Score 7.2 of 10 (high)

Details

Published May 9, 1997

Updated: Nov 20, 2024

Summary

CVE-1999-1286 is a vulnerability affecting the addnetpr utility in SGI IRIX 6.2 and earlier versions. This issue permits local users to manipulate arbitrary files, potentially escalating privileges and gaining root access through a symbolic link attack on a temporary file. The vulnerability exists due to insufficient input validation, allowing malicious users to create and manipulate symbolic links to critical system files. This can result in unauthorized file modifications and elevated system access, posing a serious security risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

SGI IRAX

Affected Vendors

Saskatchewan Government Insurance

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/LLZo0s
https://www.cve.org/CVERecord?id=CVE-1999-1286
https://nvd.nist.gov/vuln/detail/CVE-1999-1286

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners