CVE-2008-0310 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2008-0310
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-0310

Description: Directory traversal vulnerability in pkgadd in SCO UnixWare 7.1.4 before p534589 allows local users to create or append to arbitrary files via ".." sequences in an unspecified environment variable, probably PKGINST.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/41759 ST 1019787 SCO http://ftp.sco.com/pub/unixware7/714/security/p534589/p534589.txt SAID Secunia Advisory: SA29657 MILW0RM http://www.milw0rm.com/exploits/5355 IDEFENSE http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=676 CONFIRM http://www.sco.com/support/update/download/release.php?rid=324

Return to the previous page.