Privilege Escalation via Trojan Horse ls Program in IRIX 4.x and 5.x Serial Ports Administrative Program

Privilege Escalation via Trojan Horse ls Program in IRIX 4.x and 5.x Serial Ports Administrative Program

CVE-1999-1022 · MEDIUM Severity

AV:L/AC:H/AU:N/C:C/I:C/A:C

serial_ports administrative program in IRIX 4.x and 5.x trusts the user's PATH environmental variable to find and execute the ls program, which allows local users to gain root privileges via a Trojan horse ls program.

Learn more about our User Device Pen Test.