← CVECheck
HomeVulnerabilities

CVE-1999-1165 — HIGH severity vulnerability (GNU fingerd 1.37 does not properly drop privileges before ac)

GNU fingerd 1.37 does not properly drop privileges before accessing user information, which could allow local users to (1) gain root privileges via a malicious program in the .fingerrc file, or (2) read arbitrary files via symbolic links from .plan, .forward, or .project files.

CVE IDCVE-1999-1165
SeverityHIGH
CVSS score7.2
CVSS vectorAV:L/AC:L/Au:N/C:C/I:C/A:C
CWENVD-CWE-Other
StatusModified
Published1999-07-21
Last modified2026-04-16
DescriptionGNU fingerd 1.37 does not properly drop privileges before accessing user information, which could allow local users to (1) gain root privileges via a malicious program in the .fingerrc file, or (2) read arbitrary files via symbolic links from .plan, .forward, or .project files.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →