Lucene search

[email protected]CVE-1999-1048

HistorySep 05, 1998 - 4:00 a.m.

CVE-1999-1048

1998-09-0504:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-1999-1048

bash

buffer overflow

local attackers

privileges

ps1

nvd.

7.8 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.3%

JSON

Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local attackers to gain privileges by creating an extremely large directory name, which is inserted into the password prompt via the \w option in the PS1 environmental variable when another user changes into that directory.

CPENameOperatorVersion
debian:debian_linuxdebian debian linuxeq1.3.1
redhat:linuxredhat linuxeq4.2

CPE	Name	Operator	Version
debian:debian_linux	debian debian linux	eq	1.3.1
redhat:linux	redhat linux	eq	4.2

References

marc.info/?l=bugtraq&m=87602746719555&w=2

www.debian.org/security/1998/19980909

www.osvdb.org/8345

www.securityfocus.com/archive/1/10542

exchange.xforce.ibmcloud.com/vulnerabilities/3414

7.8 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.3%

JSON