Local Privilege Escalation in Bash and Tcsh Shells
CVE-1999-1383

Currently unrated

Key Information:

Vendor: Gnu
Status: Bash; Tcsh
Vendor: CVE Published:; 13 September 1996

What is CVE-1999-1383?

The vulnerability in certain versions of Bash and Tcsh allows local users to gain elevated privileges through the manipulation of directory names containing shell metacharacters, such as back-ticks. When filename expansions are performed, the commands within these directory names can be executed inadvertently, leading to potential exploitation by malicious users. This issue highlights the risks associated with improperly sanitized inputs in shell environments.

References

http://www.dataguard.no/bugtraq/1996_3/0503.html

mailing-listx_refsource_BUGTRAQ

http://marc.info/?l=bugtraq&m=87602167419868&w=2

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Aug 31, 2001
Vulnerability published
Sep 13, 1996

Gnu

What is CVE-1999-1383?

References

Timeline