Vulnerability Description
Untrusted search path vulnerability in (1) hvdisp and (2) rcvm in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges by modifying the RELIANT_PATH environment variable to point to a malicious bin/hvenv program.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sco | Unixware | 7.1.4 |
| Unixware | Reliantha | 1.1.4 |
Related Weaknesses (CWE)
References
- ftp://ftp.sco.com/pub/unixware7/714/security/p534850/p534850.txtPatchVendor Advisory
- http://osvdb.org/46706
- http://osvdb.org/46707
- http://secunia.com/advisories/30921Vendor Advisory
- http://www.securityfocus.com/bid/28624Exploit
- https://www.exploit-db.com/exploits/5356
- ftp://ftp.sco.com/pub/unixware7/714/security/p534850/p534850.txtPatchVendor Advisory
- http://osvdb.org/46706
- http://osvdb.org/46707
- http://secunia.com/advisories/30921Vendor Advisory
- http://www.securityfocus.com/bid/28624Exploit
- https://www.exploit-db.com/exploits/5356
FAQ
What is CVE-2008-6558?
CVE-2008-6558 is a vulnerability with a CVSS score of 7.2 (HIGH). Untrusted search path vulnerability in (1) hvdisp and (2) rcvm in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges by modifying the RELIANT_PATH environment variable to...
How severe is CVE-2008-6558?
CVE-2008-6558 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-6558?
Check the references section above for vendor advisories and patch information. Affected products include: Sco Unixware, Unixware Reliantha.