CVE-2002-0311

Vulnerability in webtop in UnixWare 7.1.1 and Open UNIX 8.0.0 allows local and possibly remote attackers to gain root privileges via shell metacharacters in the -c argument for (1) in scoadminreg.cgi or (2) service_action.cgi.

Score10.0
Access VectorNETWORK
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactCOMPLETE
Integrity ImpactCOMPLETE
Availability ImpactCOMPLETE
Published2002-05-31 12:00:00.000-04
Last Modified2008-09-10 08:00:55.000-04

Vulnerable Software List

VendorProductVersions
Caldera Openunix 8.0
Caldera Unixware 7.1.1

References

SourceLink
CALDERACSSA-2002-SCO.6
BUGTRAQ20020120 Unixware 7.1.1 scoadminreg.cgi local exploit
XFunixware-webtop-execute-commands(7977)
BID3936