Unrated severityNVD Advisory· Published Apr 20, 1999· Updated Jun 16, 2026
CVE-1999-0491
CVE-1999-0491
Description
The prompt parsing in bash allows a local user to execute commands as another user by creating a directory with the name of the command to execute.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
18cpe:2.3:a:gnu:bash:*:*:*:*:*:*:*:*+ 17 more
- cpe:2.3:a:gnu:bash:*:*:*:*:*:*:*:*range: <=2.04
- cpe:2.3:a:gnu:bash:1.14.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:bash:1.14.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:bash:1.14.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:bash:1.14.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:bash:1.14.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:bash:1.14.5:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:bash:1.14.6:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:bash:1.14.7:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:bash:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:bash:2.01:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:bash:2.01.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:bash:2.02:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:bash:2.02.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:bash:2.03:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:bash:2.05:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:bash:2.05:a:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.