Lucene search

[email protected]CVE-2003-0221

HistoryMay 12, 2003 - 4:00 a.m.

CVE-2003-0221

2003-05-1204:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2003-0221

hp tru64 unix

symlink attack

vulnerability

dupatch

setld

root privileges

7.4 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

The (1) dupatch and (2) setld utilities in HP Tru64 UNIX 5.1B PK1 and earlier allows local users to overwrite files and possibly gain root privileges via a symlink attack.

CPENameOperatorVersion
hp:tru64hp tru64le5.1b

CPE	Name	Operator	Version
hp:tru64	hp tru64	le	5.1b

References

www.ciac.org/ciac/bulletins/n-086.shtml

www.securityfocus.com/bid/7452

exchange.xforce.ibmcloud.com/vulnerabilities/11892

7.4 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON