PT-1999-1708 · Slackware · Slackware

Published

1999-01-02

Updated

2016-10-18

CVE-1999-1422

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Slackware versions 3.4 and possibly other versions

Description: The default configuration of Slackware includes the current directory in the PATH environmental variable. This could allow local users to create Trojan horse programs that are inadvertently executed by other users.

Recommendations: For Slackware version 3.4, remove the current directory from the PATH environmental variable to prevent the execution of Trojan horse programs. For other possibly affected versions, review the PATH environmental variable configuration and remove the current directory if it is included.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-1999-1422

Affected Products

Slackware

PT-1999-1708 · Slackware · Slackware

CVE-1999-1422

Related Identifiers

Affected Products

References · 3