CVE-1999-1572

CVSS 2.0 Score 2.1 of 10 (low)

Details

Published Jul 16, 1996
Updated: Oct 19, 2017

Summary

CVE-1999-1572 is a vulnerability affecting the cpio archive utility in FreeBSD 2.1.0 and Debian GNU/Linux 3.0, among other potential operating systems. This issue arises due to the cpio utility adopting a 0 umask while creating files using the -O (archive) or -F options. Consequently, these files are generated with permissive mode 0666, exposing them to local users who can read or overwrite the files, posing a significant security risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Red Hat Enterprise Linux
  • Debian
  • FreeBSD

Affected Vendors

  • Debian
  • Red Hat
  • FreeBSD Project
  • MandrakeSoft