CVE-1999-1501
SGI IRIX 6.3 - Local Command Execution via IFS Environment Variable
Title source: llmDescription
(1) ipxchk and (2) ipxlink in SGI OS2 IRIX 6.3 does not properly clear the IFS environmental variable before executing system calls, which allows local users to execute arbitrary commands.
References (3)
Core 3
Core References
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=89217373930054&w=2
Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/70
Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/71
Scores
EPSS
0.0007
EPSS Percentile
22.2%
Details
Status
published
Products (1)
sgi/irix
6.3
Published
Apr 08, 1998
Tracked Since
Feb 18, 2026