Security Advisory

CVE-1999-1165

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2001-09-12 04:00:00

Last updated 2024-08-01 17:02:53

Assigner mitre

State PUBLISHED

Description

GNU fingerd 1.37 does not properly drop privileges before accessing user information, which could allow local users to (1) gain root privileges via a malicious program in the .fingerrc file, or (2) read arbitrary files via symbolic links from .plan, .forward, or .project files.

← Browse all CVEs View on cve.org ↗