Privilege Escalation in GNU Fingerd Affects User Information Access
CVE-1999-1165

Currently unrated

Key Information:

Vendor

Gnu
Status
Fingerd
Vendor
CVE Published:
21 July 1999

What is CVE-1999-1165?

GNU Fingerd version 1.37 contains a security flaw where it fails to properly drop privileges before accessing user information. This oversight allows local users to execute malicious programs via the .fingerrc file, potentially gaining root privileges. Additionally, the vulnerability enables unauthorized access to sensitive information by reading arbitrary files through symbolic links established in .plan, .forward, or .project files. Proper privilege management measures are essential to mitigate these risks and protect system integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/535
vdb-entryx_refsource_BID
http://marc.info/?l=bugtraq&m=93268249021561&w=2
mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/2478
mailing-listx_refsource_BUGTRAQ

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.