Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-0836

4 documents4 sources

Severity

10.0CRITICAL

EPSS

2.2%

top 15.66%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Timeline

PublishedDec 2

Latest updateMay 3

Description

UnixWare uidadmin allows local users to modify arbitrary files via a symlink attack.

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

▶NVDsco/unixware4 versions+3

GHSA

GHSA-7fhw-cm9m-7vr5: UnixWare uidadmin allows local users to modify arbitrary files via a symlink attack↗2022-05-03

▶

CVEList

CVE-1999-0836: UnixWare uidadmin allows local users to modify arbitrary files via a symlink attack↗2000-06-02

▶

Exploit-DB

SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'uidadmin' Local Privilege Escalation↗1998-12-02

▶