CVE Vulnerabilities

CVE-1999-1022

Published: Oct 02, 1994 | Modified: Dec 19, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.2 MEDIUM
AV:L/AC:H/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

serial_ports administrative program in IRIX 4.x and 5.x trusts the user’s PATH environmental variable to find and execute the ls program, which allows local users to gain root privileges via a Trojan horse ls program.

Affected Software

Name Vendor Start Version End Version
Irix Sgi 4 4
Irix Sgi 5.2 5.2
Irix Sgi 5.3 5.3

References