Main Vulnerability Database Vulnerabilities #VU100016

Insufficient verification of data authenticity in Linux kernel - CVE-1999-1341

Published: October 22, 1999 / Updated: September 11, 2018

Vulnerability identifier: #VU100016

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-1999-1341

CWE-ID: CWE-345

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: Linux Foundation

Affected software:
Linux kernel

Detailed vulnerability description

The vulnerability allows a local user to read and manipulate data.

Linux kernel before 2.3.18 or 2.2.13pre15, with SLIP and PPP options, allows local unprivileged users to forge IP packets via the TIOCSETD option on tty devices.

How to mitigate CVE-1999-1341

Install update from vendor's repository.

Sources

http://marc.info/?l=bugtraq&m=94061108411308&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/7858

Insufficient verification of data authenticity in Linux kernel - CVE-1999-1341

Detailed vulnerability description

How to mitigate CVE-1999-1341

Sources

Please verify you're human