CVE-2008-0310

Опубликовано: 07 апр. 2008

Источник: nvd

CVSS2: 6.9

EPSS Низкий

Описание

Directory traversal vulnerability in pkgadd in SCO UnixWare 7.1.4 before p534589 allows local users to create or append to arbitrary files via ".." sequences in an unspecified environment variable, probably PKGINST.

Ссылки

http://ftp.sco.com/pub/unixware7/714/security/p534589/p534589.txt
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=676
http://secunia.com/advisories/29657
Vendor Advisory
http://www.sco.com/support/update/download/release.php?rid=324
Patch
Vendor Advisory
http://www.securitytracker.com/id?1019787
https://exchange.xforce.ibmcloud.com/vulnerabilities/41759
https://www.exploit-db.com/exploits/5355
http://ftp.sco.com/pub/unixware7/714/security/p534589/p534589.txt
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=676
http://secunia.com/advisories/29657
Vendor Advisory
http://www.sco.com/support/update/download/release.php?rid=324
Patch
Vendor Advisory
http://www.securitytracker.com/id?1019787
https://exchange.xforce.ibmcloud.com/vulnerabilities/41759
https://www.exploit-db.com/exploits/5355

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:sco:unixware:7.1.4:*:*:*:*:*:*:*

EPSS

Процентиль: 61%

0.00414

Низкий

6.9 Medium

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-m929-4xg6-9c8m

github

почти 4 года назад