Vulnerability Details CVE-2008-0310
Directory traversal vulnerability in pkgadd in SCO UnixWare 7.1.4 before p534589 allows local users to create or append to arbitrary files via ".." sequences in an unspecified environment variable, probably PKGINST.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.6%
CVSS Severity
CVSS v2 Score 6.9
References
- http://ftp.sco.com/pub/unixware7/714/security/p534589/p534589.txt
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=676
- http://secunia.com/advisories/29657
- http://www.sco.com/support/update/download/release.php?rid=324
- http://www.securitytracker.com/id?1019787
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41759
- https://www.exploit-db.com/exploits/5355
- http://ftp.sco.com/pub/unixware7/714/security/p534589/p534589.txt
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=676
- http://secunia.com/advisories/29657
- http://www.sco.com/support/update/download/release.php?rid=324
- http://www.securitytracker.com/id?1019787
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41759
- https://www.exploit-db.com/exploits/5355