CVE-1999-1383 Information

Description

(1) bash before 1.14.7 and (2) tcsh 6.05 allow local users to gain privileges via directory names that contain shell metacharacters (` back-tick) which can cause the commands enclosed in the directory name to be executed when the shell expands filenames using the \w option in the PS1 variable.

Reference

http://marc.info/?l=bugtraq&m=87602167419868&w=2 http://www.dataguard.no/bugtraq/1996_3/0503.html