Lucene search

[email protected]NVD:CVE-2003-1358

HistoryDec 31, 2003 - 5:00 a.m.

CVE-2003-1358

2003-12-3105:00:00

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.8

Confidence

High

EPSS

Percentile

0.4%

JSON

rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program.

Affected configurations

Nvd

Node

hphp-uxMatch10.00

hphp-uxMatch10.01

hphp-uxMatch10.08

hphp-uxMatch10.09

hphp-uxMatch10.10

hphp-uxMatch10.16

hphp-uxMatch10.20

hphp-uxMatch10.24

hphp-uxMatch10.26

hphp-uxMatch10.30

hphp-uxMatch10.34

hphp-uxMatch11.00

hphp-uxMatch11.0.4

hphp-uxMatch11.04

hphp-uxMatch11.11

hphp-uxMatch11.20

hphp-uxMatch11.22

VendorProductVersionCPE
hphp-ux10.00cpe:2.3:o:hp:hp-ux:10.00:*:*:*:*:*:*:*
hphp-ux10.01cpe:2.3:o:hp:hp-ux:10.01:*:*:*:*:*:*:*
hphp-ux10.08cpe:2.3:o:hp:hp-ux:10.08:*:*:*:*:*:*:*
hphp-ux10.09cpe:2.3:o:hp:hp-ux:10.09:*:*:*:*:*:*:*
hphp-ux10.10cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*
hphp-ux10.16cpe:2.3:o:hp:hp-ux:10.16:*:*:*:*:*:*:*
hphp-ux10.20cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*
hphp-ux10.24cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*
hphp-ux10.26cpe:2.3:o:hp:hp-ux:10.26:*:*:*:*:*:*:*
hphp-ux10.30cpe:2.3:o:hp:hp-ux:10.30:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
hp	hp-ux	10.00	cpe:2.3:o:hp:hp-ux:10.00:::::::*
hp	hp-ux	10.01	cpe:2.3:o:hp:hp-ux:10.01:::::::*
hp	hp-ux	10.08	cpe:2.3:o:hp:hp-ux:10.08:::::::*
hp	hp-ux	10.09	cpe:2.3:o:hp:hp-ux:10.09:::::::*
hp	hp-ux	10.10	cpe:2.3:o:hp:hp-ux:10.10:::::::*
hp	hp-ux	10.16	cpe:2.3:o:hp:hp-ux:10.16:::::::*
hp	hp-ux	10.20	cpe:2.3:o:hp:hp-ux:10.20:::::::*
hp	hp-ux	10.24	cpe:2.3:o:hp:hp-ux:10.24:::::::*
hp	hp-ux	10.26	cpe:2.3:o:hp:hp-ux:10.26:::::::*
hp	hp-ux	10.30	cpe:2.3:o:hp:hp-ux:10.30:::::::*

Rows per page:

1-10 of 171

References

securityreason.com/securityalert/3236

www.securityfocus.com/advisories/4960

www.securityfocus.com/archive/1/324381

www.securityfocus.com/bid/6837

exchange.xforce.ibmcloud.com/vulnerabilities/11312

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.8

Confidence

High

EPSS

Percentile

0.4%

JSON

Related for NVD:CVE-2003-1358

exploitdb1 cvelist1 cve1