Vulnerabilities > CVE-2002-0987 - Unspecified vulnerability in Caldera Openunix and Unixware

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

caldera

exploit available

NVD

Published: 2002-09-24

Updated: 2008-09-10

Summary

X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1 does not drop privileges before calling programs such as xkbcomp using popen, which could allow local users to gain privileges.

Vulnerable Configurations

Part	Description	Count
Application	Caldera Caldera Unixware 7.1.1	1
OS	Caldera Caldera Openunix 8.0	1

Exploit-Db

description	Caldera X Server 7.1/8.0 External Program Privileged Invocation Weakness. CVE-2002-0987. Local exploit for unix platform
id	EDB-ID:21758
last seen	2016-02-02
modified	2002-08-27
published	2002-08-27
reporter	Olaf Kirch
source	https://www.exploit-db.com/download/21758/
title	Caldera X Server 7.1/8.0 - External Program Privileged Invocation Weakness

Summary

Vulnerable Configurations

Exploit-Db

References