CVE-1999-1501 - OpenCVE

(1) ipxchk and (2) ipxlink in SGI OS2 IRIX 6.3 does not properly clear the IFS environmental variable before executing system calls, which allows local users to execute arbitrary commands.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Sgi	Irix

Configuration 1 [-]

cpe:2.3:o:sgi:irix:6.3:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://marc.info/?l=bugtraq&m=89217373930054&w=2
http://www.securityfocus.com/bid/70
http://www.securityfocus.com/bid/71

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2001-09-12T04:00:00

Updated: 2024-08-01T17:18:07.513Z

Reserved: 2001-08-31T00:00:00

Link: CVE-1999-1501

Vulnrichment

No data.

NVD

Status : Modified

Published: 1998-04-08T04:00:00.000

Modified: 2016-10-18T02:05:02.120

Link: CVE-1999-1501

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "1998-04-08T00:00:00", "descriptions": [{"lang": "en", "value": "(1) ipxchk and (2) ipxlink in SGI OS2 IRIX 6.3 does not properly clear the IFS environmental variable before executing system calls, which allows local users to execute arbitrary commands."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "19980408 SGI O2 ipx security issue", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=89217373930054&w=2"}, {"name": "70", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/70"}, {"name": "71", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/71"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-1501", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "(1) ipxchk and (2) ipxlink in SGI OS2 IRIX 6.3 does not properly clear the IFS environmental variable before executing system calls, which allows local users to execute arbitrary commands."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "19980408 SGI O2 ipx security issue", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=89217373930054&w=2"}, {"name": "70", "refsource": "BID", "url": "http://www.securityfocus.com/bid/70"}, {"name": "71", "refsource": "BID", "url": "http://www.securityfocus.com/bid/71"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T17:18:07.513Z"}, "title": "CVE Program Container", "references": [{"name": "19980408 SGI O2 ipx security issue", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=89217373930054&w=2"}, {"name": "70", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/70"}, {"name": "71", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/71"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-1501", "datePublished": "2001-09-12T04:00:00", "dateReserved": "2001-08-31T00:00:00", "dateUpdated": "2024-08-01T17:18:07.513Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}