Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2001-1092

4 documents4 sources
Severity
2.1LOW
EPSS
0.4%
top 39.02%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Compaq Tru64
Timeline
PublishedSep 10
Latest updateApr 30

Description

msgchk in Digital UNIX 4.0G and earlier allows a local user to read the first line of arbitrary files via a symlink attack on the .mh_profile file.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

NVDcompaq/tru644 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-gjvx-vv98-2m3q: msgchk in Digital UNIX 42022-04-30
CVEList
CVE-2001-1092: msgchk in Digital UNIX 42002-03-15

💥Exploits & PoCs

1
Exploit-DB
Digital Unix 4.0 - MSGCHK MH_PROFILE Symbolic Link2001-09-10
CVE-2001-1092 (LOW CVSS 2.1) | msgchk in Digital UNIX 4.0G and ear | cvebase.io