CVE-1999-0491 | SynScan

Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-1999-0491

The prompt parsing in bash allows a local user to execute commands as another user by creating a directory with the name of the command to execute.

Published: Apr 20, 1999
Updated: Apr 13, 2023
CVE: CVE-1999-0491
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-94

Affected Software
References

Software	From	Fixed in
gnu / bash	1.14.3	1.14.3.x
gnu / bash	2.05-a	2.05-a.x
gnu / bash	2.05	2.05.x
gnu / bash	1.14.1	1.14.1.x
gnu / bash	2.01	2.01.x
gnu / bash	2.0	2.0.x
gnu / bash	2.01.1	2.01.1.x
gnu / bash	1.14.7	1.14.7.x
gnu / bash	1.14.6	1.14.6.x
gnu / bash	1.14.2	1.14.2.x
gnu / bash	1.14.4	1.14.4.x
gnu / bash	2.02.1	2.02.1.x
gnu / bash	1.14.5	1.14.5.x
gnu / bash	1.14.0	1.14.0.x
gnu / bash	2.02	2.02.x
gnu / bash	-	2.04.x
gnu / bash	2.03	2.03.x