Vulnerability Details CVE-2003-0742
SCO Internet Manager (mana) allows local users to execute arbitrary programs by setting the REMOTE_ADDR environment variable to cause menu.mana to run as if it were called from ncsa_httpd, then modifying the PATH environment variable to point to a malicious "hostname" program.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.5%
CVSS Severity
CVSS v2 Score 7.2
References
Products affected by CVE-2003-0742
-
cpe:2.3:o:sco:openserver:5.0.5
-
cpe:2.3:o:sco:openserver:5.0.6
-
cpe:2.3:o:sco:openserver:5.0.7