Lucene search

PRIOn knowledge basePRION:CVE-2008-0310

HistoryApr 07, 2008 - 5:44 p.m.

Directory traversal

2008-04-0717:44:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.4%

JSON

Directory traversal vulnerability in pkgadd in SCO UnixWare 7.1.4 before p534589 allows local users to create or append to arbitrary files via “…” sequences in an unspecified environment variable, probably PKGINST.

CPENameOperatorVersion
unixwareeq7.1.4

CPE	Name	Operator	Version
	unixware	eq	7.1.4

References

ftp.sco.com/pub/unixware7/714/security/p534589/p534589.txt

labs.idefense.com/intelligence/vulnerabilities/display.php?id=676

secunia.com/advisories/29657

www.sco.com/support/update/download/release.php?rid=324

www.securitytracker.com/id?1019787

exchange.xforce.ibmcloud.com/vulnerabilities/41759

www.exploit-db.com/exploits/5355

6.9 Medium

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.4%

JSON

Related for PRION:CVE-2008-0310