CVE-1999-1048

Name of the Vulnerable Software and Affected Versions bash versions 1.4.17 through 2.0.0

Description The issue allows local attackers to gain privileges by creating an extremely large directory name. This name is inserted into the password prompt via the w option in the PS1 environmental variable when another user changes into that directory.

Recommendations For bash versions 1.4.17 through 2.0.0, consider restricting access to the PS1 environmental variable to minimize the risk of exploitation. As a temporary workaround, avoid using the w option in the PS1 variable until the issue is resolved.