CVE-1999-1499
LowExploitation Probability (EPSS)
Low risk48th percentile — higher than 48% of all known CVEs
Summary
A vulnerability in ISC BIND 4.9 and 8.1 allows local users to destroy files via a symlink attack on (1) named_dump.db when root kills the process with a SIGINT, or (2) named.stats when SIGIOT is used.
Risk Assessment
An attacker could exploit this vulnerability to delete important files, potentially disrupting DNS service operations.
Recommendation
It is recommended to upgrade to the latest version of BIND and implement appropriate security measures to restrict local user access to critical files.
Original NVD description (English source)
named in ISC BIND 4.9 and 8.1 allows local users to destroy files via a symlink attack on (1) named_dump.db when root kills the process with a SIGINT, or (2) named.stats when SIGIOT is used.

