CVE-2002-0105

CDE dtlogin in Caldera UnixWare 7.1.0, and possibly other operating systems, allows local users to gain privileges via a symlink attack on /var/dt/Xerrors since /var/dt is world-writable.

Score7.2
Access VectorLOCAL
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactCOMPLETE
Integrity ImpactCOMPLETE
Availability ImpactCOMPLETE
Published2002-03-25 12:00:00.000-05
Last Modified2016-10-17 10:16:12.000-04

Vulnerable Software List

VendorProductVersions
Caldera Unixware 7.1.0

References

SourceLink
BUGTRAQ20020108 CDE bug in Unixware 7.1
XFunixware-dtlogin-log-symlink(7864)
BID3818