CVE-1999-1394
LowExploitation Probability (EPSS)
Low risk44th percentile — higher than 44% of all known CVEs
Summary
BSD 4.4 based operating systems, when running at security level 1, allow the root user to clear the immutable and append-only flags for files by unmounting the file system and using a file system editor such as fsdb to directly modify the file through a device.
Risk Assessment
The ability for the root user to remove security flags poses a risk of unauthorized modification of critical system files, potentially compromising system integrity.
Recommendation
It is recommended to monitor and restrict access to the root account and to implement higher security levels to minimize the risks associated with this vulnerability.
Original NVD description (English source)
BSD 4.4 based operating systems, when running at security level 1, allow the root user to clear the immutable and append-only flags for files by unmounting the file system and using a file system editor such as fsdb to directly modify the file through a device.

