Local Command Execution Vulnerability in Bash by Caldera Systems
CVE-1999-0491

Currently unrated

Key Information:

Vendor

Gnu

Status
Vendor
CVE Published:
20 April 1999

What is CVE-1999-0491?

A local user can exploit a flaw in the prompt parsing of Bash to execute arbitrary commands as another user. This is achieved by creating a directory with the same name as the command intended for execution, potentially compromising system integrity. Users should ensure they are using secure configurations and consider updating to a patched version to mitigate the risks associated with this vulnerability.

References

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.
CVE-1999-0491 : Local Command Execution Vulnerability in Bash by Caldera Systems