CVE-1999-1383

CVSS 2.0 Score 4.6 of 10 (medium)

Details

Published Sep 13, 1996

Updated: Nov 20, 2024

CWE ID 264

Summary

CVE-1999-1383 is a vulnerability affecting versions of bash before 1.14.7 and tcsh 6.05. Maliciously crafted directory names containing shell metacharacters (` back-tick) can trigger these systems to execute hidden commands when expanding filenames using the PS1 variable's \\w option. Local users can exploit this issue to gain elevated privileges.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Free Software Foundation, Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/NWlSlV
https://www.cve.org/CVERecord?id=CVE-1999-1383
https://nvd.nist.gov/vuln/detail/CVE-1999-1383

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

US Violent Extremists Likely Shifting Focus to Targeted Physical Threats in 2025

DRAT V2: Updated DRAT Emerges in TAG-140’s Arsenal

Threats to the 2025 NATO Summit

Know What Matters

For Customers

For Partners

CVE-1999-1383

CVSS 2.0 Score 4.6 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations