CVE-1999-1499

CVSS 2.0 Score 2.1 of 10 (low)

Details

Published Apr 10, 1998
Updated: Nov 20, 2024

Summary

CVE-1999-1499 is a vulnerability affecting ISC BIND 4.9 and 8.1 named daemon. It allows local users to destructively manipulate files through symlink attacks. Specifically, during a SIGINT or SIGIOT signal termination of the named_dump.db or named.stats process, attackers can create malicious symlinks, leading to the deletion or overwriting of important files. This issue poses a significant risk, as the named daemon plays a crucial role in the DNS resolution process. Therefore, it's essential to patch or upgrade affected systems as soon as possible to mitigate this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • ISC BIND

Affected Vendors

  • Internet Storm Center