Vulnerability Description
sort creates temporary files and follows symbolic links, which allows local users to modify arbitrary files that are writable by the user running sort, as observed in updatedb and other programs that use sort.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Redhat | Linux | 4.1 |
| Slackware | Slackware Linux | 3.3 |
References
- http://marc.info/?l=bugtraq&m=87619953510834&w=2
- http://marc.info/?l=bugtraq&m=88886870129518&w=2
- http://marc.info/?l=bugtraq&m=88890116304676&w=2
- http://marc.info/?l=bugtraq&m=87619953510834&w=2
- http://marc.info/?l=bugtraq&m=88886870129518&w=2
- http://marc.info/?l=bugtraq&m=88890116304676&w=2
FAQ
What is CVE-1999-1095?
CVE-1999-1095 is a vulnerability with a CVSS score of 7.2 (HIGH). sort creates temporary files and follows symbolic links, which allows local users to modify arbitrary files that are writable by the user running sort, as observed in updatedb and other programs that ...
How severe is CVE-1999-1095?
CVE-1999-1095 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-1999-1095?
Check the references section above for vendor advisories and patch information. Affected products include: Redhat Linux, Slackware Slackware Linux.