Lucene search

MitreCVE-2008-6558

HistoryMar 30, 2009 - 8:30 p.m.

CVE-2008-6558

2009-03-3020:30:00

CWE-20

mitre

web.nvd.nist.gov

cve-2008-6558

untrusted search path vulnerability

reliantha

sco unixware 7.1.4

root privileges

security vulnerability

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.7

Confidence

Low

EPSS

Percentile

0.4%

JSON

Untrusted search path vulnerability in (1) hvdisp and (2) rcvm in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges by modifying the RELIANT_PATH environment variable to point to a malicious bin/hvenv program.

Affected configurations

Nvd

Node

scounixwareMatch7.1.4

AND

unixwarerelianthaMatch1.1.4

VendorProductVersionCPE
scounixware7.1.4cpe:2.3:o:sco:unixware:7.1.4:*:*:*:*:*:*:*
unixwarereliantha1.1.4cpe:2.3:a:unixware:reliantha:1.1.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sco	unixware	7.1.4	cpe:2.3:o:sco:unixware:7.1.4:::::::*
unixware	reliantha	1.1.4	cpe:2.3:a:unixware:reliantha:1.1.4:::::::*

References

ftp://ftp.sco.com/pub/unixware7/714/security/p534850/p534850.txt

osvdb.org/46706

osvdb.org/46707

secunia.com/advisories/30921

www.securityfocus.com/bid/28624

www.exploit-db.com/exploits/5356

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.7

Confidence

Low

EPSS

Percentile

0.4%

JSON

Related for CVE-2008-6558