Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2002-0987

4 documents4 sources
Severity
7.2HIGH
EPSS
0.4%
top 39.46%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Caldera OpenunixCaldera Unixware
Timeline
PublishedSep 24
Latest updateMay 3

Description

X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1 does not drop privileges before calling programs such as xkbcomp using popen, which could allow local users to gain privileges.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages2 packages

NVDcaldera/unixware7.1.1

🔴Vulnerability Details

2
GHSA
GHSA-h68g-hh49-6c53: X server (Xsco) in OpenUNIX 82022-05-03
CVEList
CVE-2002-0987: X server (Xsco) in OpenUNIX 82003-04-02

💥Exploits & PoCs

1
Exploit-DB
Caldera X Server 7.1/8.0 - External Program Privileged Invocation2002-08-27