CVE-1999-1022
CVSS 2.0 Score 6.2 of 10 (medium)
Details
Published Oct 2, 1994
Updated: Nov 20, 2024
Summary
CVE-1999-1022 is a vulnerability affecting the serial_ports administrative program in IRIX 4.x and 5.x. This issue stems from the program's trust in the user's PATH environmental variable to locate and execute the ls command. Malicious users can exploit this trust by placing a Trojan horse ls program in a directory listed in the PATH, allowing them to gain root privileges on the affected system. This vulnerability poses a significant risk and demands immediate attention for IRIX users running these versions.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- SGI IRAX
Affected Vendors
- Saskatchewan Government Insurance