Lucene search

MitreCVE-2008-6559

HistoryMar 30, 2009 - 8:30 p.m.

CVE-2008-6559

2009-03-3020:30:00

CWE-20

mitre

web.nvd.nist.gov

cve-2008-6559

merge mcd

reliantha 1.1.4

sco unixware 7.1.4

local users

root privileges

crafted argument

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.7

Confidence

Low

EPSS

Percentile

0.4%

JSON

Merge mcd in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges via a crafted -d argument that contains … (dot dot) sequences that point to a directory containing a file whose name includes shell metacharacters.

Affected configurations

Nvd

Node

scorelianthaMatch1.1.4

AND

scounixwareMatch7.1.4

VendorProductVersionCPE
scoreliantha1.1.4cpe:2.3:a:sco:reliantha:1.1.4:*:*:*:*:*:*:*
scounixware7.1.4cpe:2.3:o:sco:unixware:7.1.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sco	reliantha	1.1.4	cpe:2.3:a:sco:reliantha:1.1.4:::::::*
sco	unixware	7.1.4	cpe:2.3:o:sco:unixware:7.1.4:::::::*

References

ftp://ftp.sco.com/pub/unixware7/714/security/p534850/p534850.txt

secunia.com/advisories/30921

www.osvdb.org/51234

www.securityfocus.com/bid/28625

www.exploit-db.com/exploits/5357

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.7

Confidence

Low

EPSS

Percentile

0.4%

JSON

Related for CVE-2008-6559