CVE-1999-1020
CVSS 2.0 Score 7.5 of 10 (high)
Details
Summary
CVE-1999-1048 is a buffer overflow vulnerability affecting older versions of the Bash shell, including 2.0.0 and 1.4.17. Attackers can exploit this flaw by creating a maliciously long directory name and entering it into a directory that another user is accessing. The extended directory name is then displayed in the password prompt via the PS1 environmental variable. By manipulating the prompt, an attacker can inject code into the shell's buffer, ultimately gaining elevated privileges. This vulnerability poses a serious risk to systems with vulnerable Bash installations.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Novell NetWare
Affected Vendors
- Novell Inc