Sign in
CVE-2003-1358
CVE-2003-1358
Description
rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program.
Impact
CVSS v2 : 7.2 HIGH
Type
CWE-264
Attack Vector
CVSSv2 Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C
Quick links
CVE
,
NVD
,
CERT
,
Metasploit
,
Exploit-db
,
Fulldisc
,
Bugtraq
,
Microsoft
,
Red Hat
,
Debian
, GitHub
code
/
issues
,
Google
References
http://securityreason.com/securityalert/3236
http://www.securityfocus.com/advisories/4960
http://www.securityfocus.com/archive/1/324381
http://www.securityfocus.com/bid/6837
https://exchange.xforce.ibmcloud.com/vulnerabilities/11312
FAQ
Terms of service
Privacy policy
