CVE-1999-1499
CVSS 2.0 Score 2.1 of 10 (low)
Details
Summary
CVE-1999-1499 is a vulnerability affecting ISC BIND 4.9 and 8.1 named daemon. It allows local users to destructively manipulate files through symlink attacks. Specifically, during a SIGINT or SIGIOT signal termination of the named_dump.db or named.stats process, attackers can create malicious symlinks, leading to the deletion or overwriting of important files. This issue poses a significant risk, as the named daemon plays a crucial role in the DNS resolution process. Therefore, it's essential to patch or upgrade affected systems as soon as possible to mitigate this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- ISC BIND
Affected Vendors
- Internet Storm Center