Lucene search
K

13 matches found

Prion
Prion
added 2009/03/30 8:30 p.m.13 views

Design/Logic Flaw

Untrusted search path vulnerability in 1 hvdisp and 2 rcvm in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges by modifying the RELIANTPATH environment variable to point to a malicious bin/hvenv program...

7.2CVSS7AI score0.00874EPSS
Exploits1References6Affected Software2
NVD
NVD
added 2009/03/30 8:30 p.m.19 views

CVE-2008-6559

Merge mcd in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges via a crafted -d argument that contains .. dot dot sequences that point to a directory containing a file whose name includes shell metacharacters...

7.2CVSS6.5AI score0.00802EPSS
Exploits1References5
Prion
Prion
added 2009/03/30 8:30 p.m.19 views

Design/Logic Flaw

Merge mcd in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges via a crafted -d argument that contains .. dot dot sequences that point to a directory containing a file whose name includes shell metacharacters...

7.2CVSS7AI score0.00802EPSS
Exploits1References5Affected Software2
CVE
CVE
added 2009/03/30 8:0 p.m.57 views

CVE-2008-6558

Untrusted search path vulnerability in ReliantHA 1.1.4 (SCO UnixWare 7.1.4) affects hvdisp and rcvm. Local users can gain root privileges by setting RELIANT_PATH to a malicious bin/hvenv, exploiting an untrusted PATH search. Affected components: RELIANT_PATH environment variable usage in hvdisp/r...

7.2CVSS6.7AI score0.00874EPSS
Exploits1References6Affected Software2
CVE
CVE
added 2009/03/30 8:0 p.m.47 views

CVE-2008-6559

The CVE-2008-6559 entry details a local privilege-escalation in ReliantHA 1.1.4 running on SCO UnixWare 7.1.4. The vulnerability arises when a crafted -d argument contains .. sequences that resolve to a directory containing a file whose name includes shell metacharacters, enabling local users to ...

7.2CVSS6.7AI score0.00802EPSS
Exploits1References5Affected Software2
Prion
Prion
added 2008/04/07 5:44 p.m.14 views

Directory traversal

Directory traversal vulnerability in pkgadd in SCO UnixWare 7.1.4 before p534589 allows local users to create or append to arbitrary files via ".." sequences in an unspecified environment variable, probably PKGINST...

6.9CVSS6.9AI score0.01006EPSS
Exploits1References7Affected Software1
CVE
CVE
added 2008/04/07 5:0 p.m.49 views

CVE-2008-0310

CVE-2008-0310 describes a local privilege escalation in SCO UnixWare 7.1.4 before patch p534589. The vulnerability lies in the pkgadd command, which improperly handles an environment variable (likely PKGINST) during package installation, allowing a local user to traverse directories using ".." se...

6.9CVSS6.4AI score0.01006EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2008/04/07 5:0 p.m.26 views

CVE-2008-0310

Directory traversal vulnerability in pkgadd in SCO UnixWare 7.1.4 before p534589 allows local users to create or append to arbitrary files via ".." sequences in an unspecified environment variable, probably PKGINST...

6.4AI score0.01006EPSS
Exploits1References7
0day.today
0day.today
added 2008/04/04 12:0 a.m.27 views

SCO UnixWare < 7.1.4 p534589 (pkgadd) Local Root Exploit

Exploit for sco platform in category local exploits ======================================================== SCO UnixWare su.log cp su.def /etc/default/su cp su.log /var/adm/sulog rm -f su.def su.log woot.log else echo "------------------------------------" echo " UnixWare pkgadd Local Root...

6.8AI score
Exploits0
NVD
NVD
added 2008/03/17 4:44 p.m.23 views

CVE-2008-1343

Directory traversal vulnerability in 1 pkgadd and 2 pkgrm in SCO UnixWare 7.1.4 allows local users to gain privileges via unknown vectors...

4.9CVSS6.5AI score0.00758EPSS
Exploits0References5
Cvelist
Cvelist
added 2008/03/17 4:0 p.m.20 views

CVE-2008-1343

Directory traversal vulnerability in 1 pkgadd and 2 pkgrm in SCO UnixWare 7.1.4 allows local users to gain privileges via unknown vectors...

6.5AI score0.00758EPSS
Exploits0References5
NVD
NVD
added 2005/12/14 11:3 a.m.23 views

CVE-2005-3903

Buffer overflow in uidadmin in SCO Unixware 7.1.3 and 7.1.4 allows local users to execute arbitrary code via a -S scheme argument that specifies a large file, a different vulnerability than CVE-2001-1063...

4.6CVSS7.4AI score0.00531EPSS
Exploits0References9
CVE
CVE
added 2005/01/29 5:0 a.m.48 views

CVE-2004-1124

CVE-2004-1124 describes a local privilege/escape issue in SCO UnixWare 7.1.1–7.1.4 where the chroot jail can be broken, enabling local users to escape and perform unauthorized actions. The vulnerability affects specific binaries listed by SCO (e.g., /etc/conf/pack.d/namefs/Driver_atup.o, Driver_m...

4.6CVSS6.3AI score0.00337EPSS
Exploits0References6Affected Software2
Rows per page
Query Builder