Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2000-0154

4 documents4 sources
Severity
1.2LOW
EPSS
0.3%
top 47.64%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
SCO Unixware
Timeline
PublishedFeb 16
Latest updateApr 30

Description

The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack.

CVSS vector

AV:L/AC:H/C:N/I:P/A:NExploitability: 1.9 | Impact: 2.9

Affected Packages1 packages

NVDsco/unixware7.1, 7.1.1+1

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-6mjj-5236-h5mx: The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack2022-04-30
CVEList
CVE-2000-0154: The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack2000-02-23

💥Exploits & PoCs

1
Exploit-DB
SCO Unixware 7.1/7.1.1 - ARCserver /tmp Symlink2000-02-15
CVE-2000-0154 (LOW CVSS 1.2) | The ARCserve agent in UnixWare allo | cvebase.io