SCO Internet Manager (mana) allows local users to execute arbitrary programs by setting the REMOTE_ADDR environment variable to cause menu.mana to run as if it were called from ncsa_httpd, then modifying the PATH environment variable to point to a malicious "hostname" program.
References
Configurations
Configuration 1 (hide)
|
History
17 Aug 2022, 10:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2003-10-06 04:00
Updated : 2024-02-04 16:31
NVD link : CVE-2003-0742
Mitre link : CVE-2003-0742
CVE.ORG link : CVE-2003-0742
JSON object : View
Products Affected
sco
- openserver
CWE