
CVE-1999-0433

Published: 21/03/1999 Updated: 17/08/2022
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
VMScore: 465
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.

Vulnerable Product

xfree86 project x11r6 3.3.3

slackware slackware linux 3.5

redhat linux 5.1

redhat linux 5.2

slackware slackware linux 3.4

netbsd netbsd 1.3.3

slackware slackware linux 4.0

suse suse linux 5.2

suse suse linux 6.0

suse suse linux 6.1

suse suse linux 5.1

slackware slackware linux 3.6

slackware slackware linux 3.3

netbsd netbsd 1.3.2

Exploits

source: www.securityfocus.com/bid/326/info

There is a symlink vulnerability known to exist under most modern Linux and NetBSD distributions. It involves /tmp/X11-unix and the tendency to follow to/overwrite the file pointed to if a symlink. It may be possible for a regular user to write arbitrary data to a file they normally have no write ...