4.6

CVE-1999-1048

Exploit
Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local attackers to gain privileges by creating an extremely large directory name, which is inserted into the password prompt via the \w option in the PS1 environmental variable when another user changes into that directory.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
DebianDebian Linux Version1.3.1
RedhatLinux Version4.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.54% 0.41
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.6 3.9 6.4
AV:L/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://marc.info/?l=bugtraq&m=87602746719555&w=2
http://www.debian.org/security/1998/19980909
Patch
Vendor Advisory
http://www.osvdb.org/8345
http://www.securityfocus.com/archive/1/10542
Vendor Advisory
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/3414