CVE-1999-1022

CVSS 2.0 Score 6.2 of 10 (medium)

Details

Published Oct 2, 1994
Updated: Nov 20, 2024

Summary

CVE-1999-1022 is a vulnerability affecting the serial_ports administrative program in IRIX 4.x and 5.x. This issue stems from the program's trust in the user's PATH environmental variable to locate and execute the ls command. Malicious users can exploit this trust by placing a Trojan horse ls program in a directory listed in the PATH, allowing them to gain root privileges on the affected system. This vulnerability poses a significant risk and demands immediate attention for IRIX users running these versions.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • SGI IRAX

Affected Vendors

  • Saskatchewan Government Insurance