CVE-2002-0311

Description

Vulnerability in webtop in UnixWare 7.1.1 and Open UNIX 8.0.0 allows local and possibly remote attackers to gain root privileges via shell metacharacters in the -c argument for (1) in scoadminreg.cgi or (2) service_action.cgi.

Affected products

• caldera / openunix8.0 – 8.0
• caldera / unixware7.1.1 – 7.1.1

References

• MISChttp://www.iss.net/security_center/static/7977.php
• MISChttp://online.securityfocus.com/archive/1/251747
• MISCftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.6/CSSA-2002-SCO.6.txt
• MISChttp://www.securityfocus.com/bid/3936