Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0873

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2001-0873
Last Modified 05 Sep 2008 04:25:08
Published 21 Dec 2001 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2001-0873

Summary

uuxqt in Taylor UUCP package does not properly remove dangerous long options, which allows local users to gain privileges by calling uux and specifying an alternate configuration file with the --config option.

Vulnerable Systems

Application

  • Ian Lance Taylor Taylor Uucp 1.0.6


References

BID - 3312

CALDERA - CSSA-2001-033.0

CONECTIVA - CLA-2001:425

BUGTRAQ - 20010908 Multiple vendor 'Taylor UUCP' problems.

BUGTRAQ - 20011130 Redhat 7.0 local root (via uucp) (attempt 2)

XF - uucp-argument-gain-privileges(7099)

SUSE - SuSE-SA:2001:38

DEBIAN - DSA-079

REDHAT - RHSA-2001:165


Last Updated: 27 May 2016 10:36:26