CVE-2008-6559

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2008-6559
Merge mcd in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges via a crafted -d argument that contains .. (dot dot) sequences that point to a directory containing a file whose name includes shell metacharacters.

7.2 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
ftp://ftp.sco.com/pub/unixware7/714/security/p534850/p534850.txt Vendor Advisory
http://secunia.com/advisories/30921 Vendor Advisory
http://www.osvdb.org/51234
http://www.securityfocus.com/bid/28625 Exploit Patch
https://www.exploit-db.com/exploits/5357
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:sco:reliantha:1.1.4:*:*:*:*:*:*:*
cpe:2.3:o:sco:unixware:7.1.4:*:*:*:*:*:*:*
History

No history.

Information

Published : 2009-03-30 20:30

Updated : 2024-02-04 17:33

NVD link : CVE-2008-6559

Mitre link : CVE-2008-6559

CVE.ORG link : CVE-2008-6559

JSON object : View

Products Affected

sco

  • unixware
  • reliantha
CWE
CWE-20

Improper Input Validation