Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-1999-1048 | First vendor Publication | 1998-09-05 |
Vendor | Cve | Last vendor Modification | 2017-10-10 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 4.6 | Attack Range | Local |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local attackers to gain privileges by creating an extremely large directory name, which is inserted into the password prompt via the \w option in the PS1 environmental variable when another user changes into that directory. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1048 |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Os | 1 | |
Os | 1 |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
8345 | bash \w option PS1 Environment Variable Overflow A local overflow exists in bash. The rl_redisplay() function fails to perform proper bounds checking resulting in a buffer overflow. The issue is triggered when creating a overly long directory name containing more than 1024 bytes, which is inserted into the password prompt via the '\w' option in the PS1 environmental variable when another user changes into that directory. It is possible for a malicious user to gain elevated privileges resulting in a loss of integrity. |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-05-04 12:00:58 |
|
2021-04-22 01:01:13 |
|
2020-05-23 00:14:11 |
|
2017-10-10 09:23:14 |
|
2016-10-18 12:00:46 |
|
2016-06-28 14:51:11 |
|
2013-05-11 11:57:47 |
|