CVE-1999-1022

CVSS 2.0 Score 6.2 of 10 (medium)

Details

Published Oct 2, 1994

Updated: Nov 20, 2024

Summary

CVE-1999-1022 is a vulnerability affecting the serial_ports administrative program in IRIX 4.x and 5.x. Instead of using a fixed path to locate the ls program for user commands, this software relies on the user's PATH environmental variable. malicious local users can exploit this trust by placing a Trojan horse ls program in their PATH, allowing them to gain root privileges when running commands through the serial_ports program. This vulnerability poses a significant security risk, as it enables unauthorized escalation of privileges.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

SGI IRAX

Affected Vendors

Saskatchewan Government Insurance

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/NWlTBP
https://www.cve.org/CVERecord?id=CVE-1999-1022
https://nvd.nist.gov/vuln/detail/CVE-1999-1022

Back to Vulnerability Database