7.2

CVE-2003-1358

Exploit
rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
HpHp-ux Version10.00
HpHp-ux Version10.01
HpHp-ux Version10.08
HpHp-ux Version10.09
HpHp-ux Version10.10
HpHp-ux Version10.16
HpHp-ux Version10.20
HpHp-ux Version10.24
HpHp-ux Version10.26
HpHp-ux Version10.30
HpHp-ux Version10.34
HpHp-ux Version11.00
HpHp-ux Version11.0.4
HpHp-ux Version11.04
HpHp-ux Version11.11
HpHp-ux Version11.20
HpHp-ux Version11.22
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.95% 0.567
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://securityreason.com/securityalert/3236
http://www.securityfocus.com/advisories/4960
http://www.securityfocus.com/archive/1/324381
http://www.securityfocus.com/bid/6837
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/11312