CVE Catalog

CVE-1999-1394

Low
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.61%

44th percentile — higher than 44% of all known CVEs

Summary

BSD 4.4 based operating systems, when running at security level 1, allow the root user to clear the immutable and append-only flags for files by unmounting the file system and using a file system editor such as fsdb to directly modify the file through a device.

Risk Assessment

The ability for the root user to remove security flags poses a risk of unauthorized modification of critical system files, potentially compromising system integrity.

Recommendation

It is recommended to monitor and restrict access to the root account and to implement higher security levels to minimize the risks associated with this vulnerability.

Original NVD description (English source)

BSD 4.4 based operating systems, when running at security level 1, allow the root user to clear the immutable and append-only flags for files by unmounting the file system and using a file system editor such as fsdb to directly modify the file through a device.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS