CVE-1999-1572
CVSS 2.0 Score 2.1 of 10 (low)
Details
Published Jul 16, 1996
Updated: Oct 19, 2017
Summary
CVE-1999-1572 is a vulnerability affecting the cpio archive utility in FreeBSD 2.1.0 and Debian GNU/Linux 3.0, among other potential operating systems. This issue arises due to the cpio utility adopting a 0 umask while creating files using the -O (archive) or -F options. Consequently, these files are generated with permissive mode 0666, exposing them to local users who can read or overwrite the files, posing a significant security risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Red Hat Enterprise Linux
- Debian
- FreeBSD
Affected Vendors
- Debian
- Red Hat
- FreeBSD Project
- MandrakeSoft