CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
0.4%
rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program.
Vendor | Product | Version | CPE |
---|---|---|---|
hp | hp-ux | 10.00 | cpe:2.3:o:hp:hp-ux:10.00:*:*:*:*:*:*:* |
hp | hp-ux | 10.01 | cpe:2.3:o:hp:hp-ux:10.01:*:*:*:*:*:*:* |
hp | hp-ux | 10.08 | cpe:2.3:o:hp:hp-ux:10.08:*:*:*:*:*:*:* |
hp | hp-ux | 10.09 | cpe:2.3:o:hp:hp-ux:10.09:*:*:*:*:*:*:* |
hp | hp-ux | 10.10 | cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:* |
hp | hp-ux | 10.16 | cpe:2.3:o:hp:hp-ux:10.16:*:*:*:*:*:*:* |
hp | hp-ux | 10.20 | cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:* |
hp | hp-ux | 10.24 | cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:* |
hp | hp-ux | 10.26 | cpe:2.3:o:hp:hp-ux:10.26:*:*:*:*:*:*:* |
hp | hp-ux | 10.30 | cpe:2.3:o:hp:hp-ux:10.30:*:*:*:*:*:*:* |