PT-1998-1236 · Sgi · Sgi Os2 Irix

Published

1998-04-08

Updated

2016-10-18

CVE-1999-1501

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions SGI OS2 IRIX version 6.3

Description The issue arises from the improper clearing of the IFS environmental variable by ipxchk and ipxlink in SGI OS2 IRIX, allowing local users to execute arbitrary commands.

Recommendations For SGI OS2 IRIX version 6.3, consider restricting access to the ipxchk and ipxlink functions until a proper fix is applied to ensure the IFS environmental variable is cleared before executing system calls.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-1999-1501

Affected Products

Sgi Os2 Irix

PT-1998-1236 · Sgi · Sgi Os2 Irix

CVE-1999-1501

Related Identifiers

Affected Products

References · 4