7.2

CVE-2002-1296

Directory traversal vulnerability in priocntl system call in Solaris does allows local users to execute arbitrary code via ".." sequences in the pc_clname field of a pcinfo_t structure, which cause priocntl to load a malicious kernel module.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SunSolaris Version2.6
SunSolaris Version7.0 Editionx86
SunSolaris Version8.0 Editionx86
SunSolaris Version9.0 Editionsparc
SunSunos Version5.5.1
SunSunos Version5.7
SunSunos Version5.8
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.62% 0.449
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://marc.info/?l=bugtraq&m=103842619803173&w=2
http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?doc=fsalert/49131
Patch
Vendor Advisory
http://www.iss.net/security_center/static/10717.php
Vendor Advisory
http://www.kb.cert.org/vuls/id/683673
Patch
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/6262
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3637