CVE-1999-0491
GNU Ba — CWE-94
EPSS 0.00298
- Published: 1999-04-20T04:00:00.000
- Last modified: 2025-04-03T01:03:51.193
- Vendors: GNU
- Products: Ba
- CWE: CWE-94
CVE-1999-0491 — The prompt parsing in bash allows a local user to execute commands as another user by creating a directory with the name of the command to execute. [Weakness: CWE-94]
Related CVE by CWE
No related CWE found.
Top CVE for Vendor
No items for this vendor.
Recently Exploited Similar Vulnerabilities
No recent KEV-listed items for this vendor/product.
The prompt parsing in bash allows a local user to execute commands as another user by creating a directory with the name of the command to execute.
🧠 Explainer: What this vulnerability means
Summary: This vulnerability affects Ba by GNU (CWE: unspecified).
Impact: Systems could be compromised, leading to confidentiality, integrity, or availability loss.
Mitigation: Apply the latest vendor patch or update to a fixed version; disable vulnerable modules where possible.
CWE: CWE-94
- ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-008.0.txt [Patch, Vendor Advisory]
- http://www.securityfocus.com/bid/119 []
- http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.10.9904202114070.6623-100000%40smooth.Operator.org []
- ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-008.0.txt [Patch, Vendor Advisory]
- http://www.securityfocus.com/bid/119 []
- http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.10.9904202114070.6623-100000%40smooth.Operator.org []