Main Vulnerability Database SB1999092801

SB1999092801 - Unix symbolic link (symlink) following in Linux kernel

Published: September 28, 1999

Security Bulletin ID SB1999092801

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Data manipulation

Description

This security bulletin contains information about 1 security vulnerability.

1) Unix symbolic link (symlink) following (CVE-ID: CVE-1999-1352)

The vulnerability allows a local user to read and manipulate data.

mknod in Linux 2.2 follows symbolic links, which could allow local users to overwrite files or gain privileges.

Install update from vendor's website.