CVE-1999-0957: MajorCool mj_key_cache program allows local users to modify files via a symlink attack.

Severity: Low
Type: Vulnerability
CVE: CVE-1999-0957
Published: Wed Jun 18 1997 (06/18/1997, 04:00:00 UTC)
Source: NVD
Vendor/Project: great_circle_associates
Product: majorcool

Description

MajorCool mj_key_cache program allows local users to modify files via a symlink attack.

AI-Powered Analysis

Last updated: 07/01/2025, 23:54:43 UTC

Technical Analysis

CVE-1999-0957 is a vulnerability in the MajorCool mj_key_cache program, a software component developed by Great Circle Associates. It allows local users to perform a symlink (symbolic link) attack to modify arbitrary files on the system. The mj_key_cache program does not handle symbolic links safely in its file operations, so an attacker with local access can create a symlink that points to a target file. When the vulnerable program writes to or modifies the symlinked path, the attacker can alter files they would not normally have permission to change. This type of attack compromises file integrity without requiring elevated privileges or authentication.

The vulnerability was published in 1997 and has a CVSS score of 2.1, indicating low severity. The CVSS vector is AV:L/AC:L/Au:N/C:N/I:P/A:N: local attack vector, low attack complexity, no authentication required, no impact on confidentiality, partial impact on integrity, and no impact on availability. No patches are available, and no known exploits in the wild have been reported. The vulnerability primarily affects systems running the MajorCool mj_key_cache program, an older software component that is less commonly used today.
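The unsafe open pattern behind this class of bug, next to a hardened open, as an added example. It is not MajorCool source code, which this page does not show; the function names, file names and the temp-directory scenario are constructed assumptions.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Unsafe pattern: open() follows a symlink planted at `path`, so the
 * truncate and write land on whatever file the link points to. */
int naive_cache_open(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* Hardened: O_CREAT|O_EXCL fails with EEXIST if anything, including a
 * symlink, already exists at `path`; O_NOFOLLOW is defence in depth. */
int safe_cache_open(const char *path)
{
    struct stat st;
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
    if (fd < 0)
        return -1;
    /* Confirm the descriptor is a regular, singly linked file we own. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_nlink != 1 || st.st_uid != geteuid()) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Constructed scenario in a private temp dir: "cache" is a symlink to
 * "victim". Returns 1 if victim was modified, 0 if not, -1 on setup error. */
int symlink_demo(int use_safe)
{
    char dir[] = "/tmp/symdemoXXXXXX", victim[64], cache[64];
    struct stat st;
    if (!mkdtemp(dir)) return -1;
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(cache, sizeof cache, "%s/cache", dir);
    int v = open(victim, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (v < 0 || write(v, "original", 8) != 8 || close(v) != 0) return -1;
    if (symlink(victim, cache) != 0) return -1;
    int fd = use_safe ? safe_cache_open(cache) : naive_cache_open(cache);
    if (fd >= 0) { if (write(fd, "key", 3) != 3) perror("write"); close(fd); }
    int changed = (stat(victim, &st) != 0 || st.st_size != 8);
    unlink(cache); unlink(victim); rmdir(dir);
    return changed;
}
```

When the cache file has to be replaced rather than created, writing to a freshly created name in the same directory and then calling rename() over the old one keeps the same guarantee, because rename() replaces the link itself instead of following it.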

Potential Impact

For European organizations, the direct impact of this vulnerability is limited due to the age and obscurity of the affected software. However, if any legacy systems or specialized environments still run the MajorCool mj_key_cache program, local attackers could exploit this vulnerability to modify critical configuration or data files, potentially leading to unauthorized changes in system behavior or data corruption. Because the attack requires local access, the threat comes primarily from insiders or from attackers who have already gained limited access to the network or system. The integrity compromise could undermine trust in system operations or lead to further privilege escalation if combined with other vulnerabilities. Given the low CVSS score and lack of known exploits, the immediate risk to European organizations is low, but organizations with legacy systems should be cautious.

Mitigation Recommendations

1. Identify and inventory any systems running the MajorCool mj_key_cache program, especially legacy or specialized environments.
2. Restrict local access to trusted users only, employing strict access controls and monitoring for suspicious activity.
3. Where possible, replace or upgrade legacy software components with modern, supported alternatives that do not have known vulnerabilities.
4. Implement file system permissions and integrity monitoring to detect unauthorized file modifications, particularly in directories used by mj_key_cache.
5. Use security best practices such as disabling unnecessary local accounts, enforcing least privilege, and employing endpoint detection and response (EDR) tools to detect potential symlink attacks or unusual file system activity.
6. Since no patches are available, consider isolating affected systems or running them in sandboxed environments to limit potential damage.

Threat ID: 682ca32ab6fd31d6ed7de706

Added to database: 5/20/2025, 3:43:38 PM

Last enriched: 7/1/2025, 11:54:43 PM

Last updated: 7/30/2025, 6:49:20 PM
