Unrated severityNVD Advisory· Published May 7, 1997· Updated Apr 16, 2026

CVE-1999-1461

Description

inpview in InPerson on IRIX 5.3 through IRIX 6.5.10 trusts the PATH environmental variable to find and execute the ttsession program, which allows local users to obtain root access by modifying the PATH to point to a Trojan horse ttsession program.

Affected products

Sgi/Irix6 versions
cpe:2.3:o:sgi:irix:5.3:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:o:sgi:irix:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:sgi:irix:6.1:*:*:*:*:*:*:*
- cpe:2.3:o:sgi:irix:6.2:*:*:*:*:*:*:*
- cpe:2.3:o:sgi:irix:6.3:*:*:*:*:*:*:*
- cpe:2.3:o:sgi:irix:6.4:*:*:*:*:*:*:*
- cpe:2.3:o:sgi:irix:6.5.10:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

patches.sgi.com/support/free/security/advisories/20001101-01-InvdPatchVendor Advisory
www.securityfocus.com/bid/381nvdExploitPatchVendor Advisory
marc.infonvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000