CVE-1999-1565 is a vulnerability found in man2html version 2.1 and earlier, specifically affecting version 4.0 as noted. The issue arises from the way the software handles temporary files during its operation. Man2html is a utility that converts Unix manual pages into HTML format. The vulnerability allows local users to perform a symlink (symbolic link) attack on a temporary file created by man2html. Because the application does not securely handle the creation and usage of temporary files, an attacker can create a symbolic link pointing to an arbitrary file on the system. When man2html writes to its temporary file, it inadvertently overwrites the target file pointed to by the symlink. This can lead to arbitrary file overwrite, impacting confidentiality, integrity, and availability of system files or user data. The attack requires local access, meaning the attacker must already have some level of access to the system to exploit this vulnerability. The CVSS score of 4.6 (medium severity) reflects the local attack vector, low complexity, no authentication required, and partial impact on confidentiality, integrity, and availability. No patches are available for this vulnerability, and there are no known exploits in the wild. Given the age of the vulnerability (published in 1999), modern systems may not commonly use this software version, but legacy systems or specialized environments might still be affected.

For European organizations, the impact of this vulnerability is primarily relevant to environments where legacy Unix or Linux systems are still in use and where man2html 2.1 or earlier is installed. The ability for a local user to overwrite arbitrary files can lead to privilege escalation, data corruption, or denial of service if critical system files are overwritten. This could compromise system integrity and availability, potentially disrupting business operations. In multi-user environments such as universities, research institutions, or companies with legacy infrastructure, an insider threat or compromised low-privilege user could exploit this vulnerability to escalate privileges or sabotage systems. Although remote exploitation is not possible, the risk remains significant in environments with weak access controls or where local user accounts are not tightly managed. The lack of patches means organizations must rely on compensating controls or upgrading software. Given the medium severity, the threat is moderate but should not be ignored in relevant contexts.

Since no official patches are available, European organizations should consider the following specific mitigations: 1) Upgrade or replace man2html with a more recent, maintained version or alternative tools that do not have this vulnerability. 2) Restrict local user access to systems running vulnerable versions of man2html, ensuring only trusted users have shell or local login capabilities. 3) Implement strict file system permissions and monitoring to detect unauthorized creation of symbolic links or unexpected file modifications, especially in directories where temporary files are created. 4) Use security-enhanced Linux (SELinux) or AppArmor profiles to confine the man2html process and limit its ability to write outside designated directories. 5) Regularly audit and review legacy systems to identify outdated software and remove or isolate vulnerable components. 6) Educate system administrators about the risks of symlink attacks and the importance of secure temporary file handling. These measures will reduce the likelihood of exploitation and limit the potential damage if an attack occurs.