CVE-1999-1383

bash <1.14.7, tcsh 6.05 - Privilege Escalation

Title source: llm

Description

(1) bash before 1.14.7, and (2) tcsh 6.05 allow local users to gain privileges via directory names that contain shell metacharacters (` back-tick), which can cause the commands enclosed in the directory name to be executed when the shell expands filenames using the \w option in the PS1 variable.

References (2)

[Exploit, Patch, Vendor Advisory] http://www.dataguard.no/bugtraq/1996_3/0503.html

[Mailing List] http://marc.info/?l=bugtraq&m=87602167419868&w=2

Scores

EPSS 0.0006

EPSS Percentile 18.8%

Classification

CWE

CWE-264

Status draft

Affected Products (8)

gnu/bash < 1.14.6

gnu/bash

tcsh/tcsh

Timeline

Published Sep 13, 1996

Tracked Since Feb 18, 2026