CVE-1999-1022

IRIX 4.x-5.x - Privilege Escalation

Title source: llm

Description

serial_ports administrative program in IRIX 4.x and 5.x trusts the user's PATH environmental variable to find and execute the ls program, which allows local users to gain root privileges via a Trojan horse ls program.

Exploits (1)

exploitdb WORKING POC VERIFIED

by transit · bashlocalirix

https://www.exploit-db.com/exploits/19351

View Code ZIP pw:eip

References (3)

[Exploit, Vendor Advisory] http://www.securityfocus.com/archive/1/930

[Exploit, Patch, Vendor Advisory] http://www.securityfocus.com/bid/464

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/2111

Scores

EPSS 0.0046

EPSS Percentile 64.0%

Details

Status published

Products (3)

sgi/irix 4

sgi/irix 5.2

sgi/irix 5.3

Published Oct 02, 1994

Tracked Since Feb 18, 2026