Lucene search

[email protected]CVE-2002-0987

HistorySep 24, 2002 - 4:00 a.m.

CVE-2002-0987

2002-09-2404:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2002-0987

x server

openunix

unixware

privilege escalation

security vulnerability

nvd

7.4 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

JSON

X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1 does not drop privileges before calling programs such as xkbcomp using popen, which could allow local users to gain privileges.

CPENameOperatorVersion
caldera:unixwarecaldera unixwareeq7.1.1
caldera:openunixcaldera openunixeq8.0

CPE	Name	Operator	Version
caldera:unixware	caldera unixware	eq	7.1.1
caldera:openunix	caldera openunix	eq	8.0

References

ftp://ftp.sco.com/pub/updates/OpenUNIX/CSSA-2002-SCO.38

www.iss.net/security_center/static/9976.php

www.osvdb.org/5044

www.securityfocus.com/bid/5575

7.4 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

JSON