CVE-2002-0987

X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1 does not drop privileges before calling programs such as xkbcomp using popen, which could allow local users to gain privileges.

Score7.2
Access VectorLOCAL
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactCOMPLETE
Integrity ImpactCOMPLETE
Availability ImpactCOMPLETE
Published2002-09-24 12:00:00.000-04
Last Modified2008-09-10 03:13:29.000-04

Vulnerable Software List

VendorProductVersions
Caldera Openunix 8.0
Caldera Unixware 7.1.1

References

SourceLink
CALDERACSSA-2002-SCO.38
XFopenunix-unixware-xsco-privileges(9976)
BID5575