CVE-2001-0873

Sažetak

uuxqt in Taylor UUCP package does not properly remove dangerous long options, which allows local users to gain privileges by calling uux and specifying an alternate configuration file with the --config option.

Reference

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000425
http://marc.info/?l=bugtraq&m=100715446131820
http://rhn.redhat.com/errata/RHSA-2001-165.html
http://www.calderasystems.com/support/security/advisories/CSSA-2001-033.0.txt
http://www.debian.org/security/2001/dsa-079
http://www.novell.com/linux/security/advisories/2001_038_uucp_txt.html
http://www.securityfocus.com/archive/1/212892
http://www.securityfocus.com/bid/3312
https://exchange.xforce.ibmcloud.com/vulnerabilities/7099

CVSS

Base:	7.2
Impact:	10.0
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

10-10-2017 - 01:29

Objavljeno

21-12-2001 - 05:00