|
|
|
|
| |
Credit:
The information has been provided by iDefense Labs Security Advisories.
The original article can be found at: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=676
|
| |
Vulnerable Systems:
* UnixWare version 7.1.4 with all patches available as of August 27th, 2007 installed
By setting an environment variable to a value containing directory traversal sequences, such as "../", an attacker can cause the program to create or append to arbitrary files on the system.
Analysis:
Exploitation allows attackers gain root privileges. Access to execute arbitrary shell commands is required to exploit this issue.
By targeting specific system files, an attacker can add accounts or otherwise facilitate privilege escalation.
Workaround:
Changing the permissions of the pkgadd command to only allow root to execute this program will prevent exploitation of this vulnerability.
# chmod 700 /usr/sbin/pkgadd
Vendor response:
SCO has addressed this vulnerability by releasing patches. For more information, consult their advisory at the following URL.
http://www.sco.com/support/update/download/release.php?rid=324
CVE Information:
CVE-2008-0310
Disclosure timeline:
09/04/2007 - Initial vendor notification
10/30/2007 - Initial vendor response
04/03/2008 - Coordinated public disclosure
|
|
|
|
|
