CVE Catalog

CVE-1999-1499

Low
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.69%

48th percentile — higher than 48% of all known CVEs

Summary

A vulnerability in ISC BIND 4.9 and 8.1 allows local users to destroy files via a symlink attack on (1) named_dump.db when root kills the process with a SIGINT, or (2) named.stats when SIGIOT is used.

Risk Assessment

An attacker could exploit this vulnerability to delete important files, potentially disrupting DNS service operations.

Recommendation

It is recommended to upgrade to the latest version of BIND and implement appropriate security measures to restrict local user access to critical files.

Original NVD description (English source)

named in ISC BIND 4.9 and 8.1 allows local users to destroy files via a symlink attack on (1) named_dump.db when root kills the process with a SIGINT, or (2) named.stats when SIGIOT is used.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS