Lucene search

[email protected]CVE-2003-0742

HistoryOct 06, 2003 - 4:00 a.m.

CVE-2003-0742

2003-10-0604:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2003-0742

sco internet manager

mana

local users

arbitrary programs

remote code execution

7.2 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

SCO Internet Manager (mana) allows local users to execute arbitrary programs by setting the REMOTE_ADDR environment variable to cause menu.mana to run as if it were called from ncsa_httpd, then modifying the PATH environment variable to point to a malicious “hostname” program.

CPENameOperatorVersion
sco:openserversco openservereq5.0.7
sco:openserversco openservereq5.0.5
sco:openserversco openservereq5.0.6

CPE	Name	Operator	Version
sco:openserver	sco openserver	eq	5.0.7
sco:openserver	sco openserver	eq	5.0.5
sco:openserver	sco openserver	eq	5.0.6

References

exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2003-0742

7.2 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

Related for CVE-2003-0742

securityvulns1