Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2002-0887

4 documents4 sources
Severity
2.1LOW
EPSS
0.4%
top 36.59%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Caldera Openserver
Timeline
PublishedOct 4
Latest updateMay 3

Description

scoadmin for Caldera/SCO OpenServer 5.0.5 and 5.0.6 allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using log files.

CVSS vector

AV:L/AC:L/C:N/I:P/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

NVDcaldera/openserver5.0.5, 5.0.6+1

Patches

Patch: www.iss.netPatch: www.securityfocus.comPatch: www.iss.net

🔴Vulnerability Details

2
GHSA
GHSA-qrpq-jj75-cr25: scoadmin for Caldera/SCO OpenServer 52022-05-03
CVEList
CVE-2002-0887: scoadmin for Caldera/SCO OpenServer 52003-04-02

💥Exploits & PoCs

1
Exploit-DB
Caldera OpenServer 5.0.5/5.0.6 - SCOAdmin Symbolic Link2002-05-29
CVE-2002-0887 (LOW CVSS 2.1) | scoadmin for Caldera/SCO OpenServer | cvebase.io