CVE-1999-1022
— NVD-CWE-Other
- Published: 1994-10-02T04:00:00.000
- Last modified: 2025-04-03T01:03:51.193
- CWE: NVD-CWE-Other
CVE-1999-1022 — serial_ports administrative program in IRIX 4.x and 5.x trusts the user's PATH environmental variable to find and execute the ls program, which allows local users to gain root privileges via a Trojan horse ls program. [Weakness: NVD-CWE-Other]
Related CVE by CWE
No related CWE found.
Top CVE for Vendor
No vendor taxonomy on this entry.
Recently Exploited Similar Vulnerabilities
No recent KEV-listed items for this vendor/product.
serial_ports administrative program in IRIX 4.x and 5.x trusts the user’s PATH environmental variable to find and execute the ls program, which allows local users to gain root privileges via a Trojan horse ls program.
🧠 Explainer: What this vulnerability means
Summary: This vulnerability affects the product by the vendor (CWE: unspecified).
Impact: Potential impact includes remote code execution, data theft, or denial of service.
Mitigation: Until patched, restrict exposure, enforce least privilege, and monitor for suspicious activity.
No vendor/product data yet.
- http://www.securityfocus.com/archive/1/930 [Exploit, Vendor Advisory]
- http://www.securityfocus.com/bid/464 [Exploit, Patch, Vendor Advisory]
- https://exchange.xforce.ibmcloud.com/vulnerabilities/2111 []
- http://www.securityfocus.com/archive/1/930 [Exploit, Vendor Advisory]
- http://www.securityfocus.com/bid/464 [Exploit, Patch, Vendor Advisory]
- https://exchange.xforce.ibmcloud.com/vulnerabilities/2111 []