exploitDog

CVE-2001-1148

Опубликовано: 13 июн. 2001

Источник: nvd

CVSS2: 4.6

EPSS Низкий

Описание

Multiple buffer overflows in programs used by scoadmin and sysadmsh in SCO OpenServer 5.0.6a and earlier allow local users to gain privileges via a long TERM environment variable to (1) atcronsh, (2) auditsh, (3) authsh, (4) backupsh, (5) lpsh, (6) sysadm.menu, or (7) termsh.

Ссылки

http://www.securityfocus.com/archive/1/219966
Patch
Vendor Advisory
http://www.securityfocus.com/archive/82/191216
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/7281
http://www.securityfocus.com/archive/1/219966
Patch
Vendor Advisory
http://www.securityfocus.com/archive/82/191216
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/7281

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:sco:openserver:*:*:*:*:*:*:*:*

Версия до 5.0.6a (включая)

EPSS

Процентиль: 30%

0.00113

Низкий

4.6 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-xhx7-vf2f-vmhh

github

больше 3 лет назад

Multiple buffer overflows in programs used by scoadmin and sysadmsh in SCO OpenServer 5.0.6a and earlier allow local users to gain privileges via a long TERM environment variable to (1) atcronsh, (2) auditsh, (3) authsh, (4) backupsh, (5) lpsh, (6) sysadm.menu, or (7) termsh.

EPSS

Процентиль: 30%

0.00113

Низкий

4.6 Medium

CVSS2

Дефекты

NVD-CWE-Other