Improper input validation in Sco Unixware

CVE-2008-6558

Untrusted search path vulnerability in (1) hvdisp and (2) rcvm in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges by modifying the RELIANT_PATH environment variable to point to a malicious bin/hvenv program.

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.009 (54.2th percentile) — read the EPSS interpretation.

Affected products

Sco Unixware — versions 7.1.4
Unixware Reliantha — versions 1.1.4
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

cve@mitre.org (Exploit, vdb-entry, x_refsource_BID)
cve@mitre.org (exploit, x_refsource_EXPLOIT-DB)
cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
cve@mitre.org (x_refsource_OSVDB, vdb-entry)
cve@mitre.org (x_refsource_OSVDB, vdb-entry)