Lucene search

MitreCVE-2002-0987

HistoryApr 02, 2003 - 5:00 a.m.

CVE-2002-0987

2003-04-0205:00:00

mitre

web.nvd.nist.gov

cve-2002-0987

x server

openunix

unixware

privilege escalation

security vulnerability

nvd

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

Percentile

0.4%

JSON

X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1 does not drop privileges before calling programs such as xkbcomp using popen, which could allow local users to gain privileges.

Affected configurations

Nvd

Node

calderaunixwareMatch7.1.1

Node

calderaopenunixMatch8.0

VendorProductVersionCPE
calderaunixware7.1.1cpe:2.3:a:caldera:unixware:7.1.1:*:*:*:*:*:*:*
calderaopenunix8.0cpe:2.3:o:caldera:openunix:8.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
caldera	unixware	7.1.1	cpe:2.3:a:caldera:unixware:7.1.1:::::::*
caldera	openunix	8.0	cpe:2.3:o:caldera:openunix:8.0:::::::*

References

ftp://ftp.sco.com/pub/updates/OpenUNIX/CSSA-2002-SCO.38

www.iss.net/security_center/static/9976.php

www.osvdb.org/5044

www.securityfocus.com/bid/5575

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

Percentile

0.4%

JSON

Related for CVE-2002-0987