Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0310

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2008-0310
Last Modified 05 Sep 2008 12:00:00
Published 07 Apr 2008 01:44:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2008-0310

Summary

Directory traversal vulnerability in pkgadd in SCO UnixWare 7.1.4 before p534589 allows local users to create or append to arbitrary files via ".." sequences in an unspecified environment variable, probably PKGINST.

Vulnerable Systems

Operating System

  • Sco Unixware 7.1.4


References

CONFIRM - http://www.sco.com/support/update/download/release.php?rid=324

XF - sco-unixware-pkgadd-directory-traversal(41759)

SECTRACK - 1019787

MILW0RM - 5355

SECUNIA - 29657

IDEFENSE - 20080403 SCO UnixWare pkgadd Directory Traversal Vulnerability

SCO - SCOSA-2008.1


Last Updated: 27 May 2016 10:46:46