CVE-1999-1383

Published: 9/12/2001 Last updated: 8/1/2024 Reserved: 8/31/2001

(1) bash before 1.14.7, and (2) tcsh 6.05 allow local users to gain privileges via directory names that contain shell metacharacters (` back-tick), which can cause the commands enclosed in the directory name to be executed when the shell expands filenames using the \w option in the PS1 variable.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (1)

conf-bash

Products affected (1)

Product	Vendor	Version
n/a	n/a	6b6d0ebe479ce082420f5412fc099860ab825450e58d96a6b33c5013ea061864

References (4)

http://www.dataguard.no/bugtraq/1996_3/0503.html
http://marc.info/?l=bugtraq&m=87602167419868&w=2
http://www.dataguard.no/bugtraq/1996_3/0503.html
http://marc.info/?l=bugtraq&m=87602167419868&w=2