PT-2002-1380 · Sco · Unixware+1

Published

2002-05-03

Updated

2008-09-11

CVE-2002-0311

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions UnixWare version 7.1.1 Open UNIX version 8.0.0

Description The issue allows local and possibly remote attackers to gain root privileges via shell metacharacters in the -c argument for either scoadminreg.cgi or service action.cgi.

Recommendations For UnixWare version 7.1.1, avoid using the -c argument in scoadminreg.cgi and service action.cgi until a fix is available. For Open UNIX version 8.0.0, restrict access to scoadminreg.cgi and service action.cgi to prevent potential exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-0311

Affected Products

Open Unix

Unixware

PT-2002-1380 · Sco · Unixware+1

CVE-2002-0311

Related Identifiers

Affected Products

References · 6