CVE-1999-1022
published 1994-10-02CVE-1999-1022: serial_ports administrative program in IRIX 4.x and 5.x trusts the user's PATH environmental variable to find and execute the ls program, which allows local…
PriorityP417medium6.2CVSS 2.0
AVLACHAuNCCICAC
EXPLOIT
EPSS
0.80%
51.9th percentile
serial_ports administrative program in IRIX 4.x and 5.x trusts the user's PATH environmental variable to find and execute the ls program, which allows local users to gain root privileges via a Trojan horse ls program.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
SGI IRIX 4/5.2/5.3 Serial Port Local Privilege Escalation (EDB-19351 / XFDB-2111)
vuldb·2026-04-16·CVSS 6.2
CVE-1999-1022 [MEDIUM] SGI IRIX 4/5.2/5.3 Serial Port Local Privilege Escalation (EDB-19351 / XFDB-2111)
A vulnerability categorized as problematic has been discovered in SGI IRIX 4/5.2/5.3. This affects an unknown part of the component Serial Port Handler. The manipulation results in Local Privilege Escalation.
This vulnerability is identified as CVE-1999-1022. The attack is only possible with local access. Additionally, an exploit exists.
It is advisable to upgrade the affected component.
GHSA
GHSA-29g7-m78g-3fx6: serial_ports administrative program in IRIX 4
ghsa_unreviewed·2022-04-30
CVE-1999-1022 [MEDIUM] GHSA-29g7-m78g-3fx6: serial_ports administrative program in IRIX 4
serial_ports administrative program in IRIX 4.x and 5.x trusts the user's PATH environmental variable to find and execute the ls program, which allows local users to gain root privileges via a Trojan horse ls program.
No detection rules found.
No writeups or analysis indexed.
1994-10-02
Published