CVE Catalog
CVE-1999-1221
LowExploitation Probability (EPSS)
Low risk0.62%
45th percentile — higher than 45% of all known CVEs
Summary
The vulnerability in dxchpwd in Digital Unix (OSF/1) 3.x allows local users to modify arbitrary files via a symlink attack on the dxchpwd.log file.
Risk Assessment
An attacker could exploit this vulnerability to unauthorized file modifications, potentially leading to serious security breaches in the system.
Recommendation
It is recommended to restrict access to the dxchpwd.log file and to monitor and audit file operations in the system.
Original NVD description (English source)
dxchpwd in Digital Unix (OSF/1) 3.x allows local users to modify arbitrary files via a symlink attack on the dxchpwd.log file.

