CVE-1999-0491
The prompt parsing in bash allows a local user to execute commands as another user by creating a directory with the name of the command to execute.
| Software | From | Fixed in |
|---|---|---|
| gnu / bash | 1.14.3 | 1.14.3.x |
| gnu / bash | 2.05-a | 2.05-a.x |
| gnu / bash | 2.05 | 2.05.x |
| gnu / bash | 1.14.1 | 1.14.1.x |
| gnu / bash | 2.01 | 2.01.x |
| gnu / bash | 2.0 | 2.0.x |
| gnu / bash | 2.01.1 | 2.01.1.x |
| gnu / bash | 1.14.7 | 1.14.7.x |
| gnu / bash | 1.14.6 | 1.14.6.x |
| gnu / bash | 1.14.2 | 1.14.2.x |
| gnu / bash | 1.14.4 | 1.14.4.x |
| gnu / bash | 2.02.1 | 2.02.1.x |
| gnu / bash | 1.14.5 | 1.14.5.x |
| gnu / bash | 1.14.0 | 1.14.0.x |
| gnu / bash | 2.02 | 2.02.x |
| gnu / bash | - | 2.04.x |
| gnu / bash | 2.03 | 2.03.x |
- ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-008.0.txt
- http://www.securityfocus.com/bid/119
- http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.10.9904202114070.6623-100000@smooth.Operator.org
- http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.10.9904202114070.6623-100000%40smooth.Operator.org
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime