Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2008-0310

CWE-22Path Traversal4 documents4 sources
Severity
6.9MEDIUM
EPSS
0.4%
top 38.46%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
SCO Unixware
Timeline
PublishedApr 7
Latest updateMay 1

Description

Directory traversal vulnerability in pkgadd in SCO UnixWare 7.1.4 before p534589 allows local users to create or append to arbitrary files via ".." sequences in an unspecified environment variable, probably PKGINST.

CVSS vector

AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0

Affected Packages1 packages

NVDsco/unixware7.1.4

Patches

Patch: www.sco.comPatch: www.sco.com

🔴Vulnerability Details

2
GHSA
GHSA-m929-4xg6-9c8m: Directory traversal vulnerability in pkgadd in SCO UnixWare 72022-05-01
CVEList
CVE-2008-0310: Directory traversal vulnerability in pkgadd in SCO UnixWare 72008-04-07

💥Exploits & PoCs

1
Exploit-DB
SCO UnixWare < 7.1.4 p534589 - 'pkgadd' Local Privilege Escalation2008-04-04
CVE-2008-0310 (MEDIUM CVSS 6.9) | Directory traversal vulnerability i | cvebase.io