CVE-2008-6558

Published: Mar 30, 2009Modified: Apr 23, 2026

7.2

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

Untrusted search path vulnerability in (1) hvdisp and (2) rcvm in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges by modifying the RELIANT_PATH environment variable to point to a malicious bin/hvenv program.

Affected (2)

Products: Sco: Unixware · Unixware: Reliantha

Sco

1 product

Unixware

1 product

Reliantha

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Sco Unixware	Version 7.1.4
Unixware Reliantha	Version 1.1.4

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (12)

ftp://ftp.sco.com/pub/unixware7/714/security/p534850/p534850.txt (unsafe URL)

Source: cve@mitre.org

PatchVendor Advisory

http://osvdb.org/46706

Source: cve@mitre.org

http://osvdb.org/46707

Source: cve@mitre.org

http://secunia.com/advisories/30921

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/28624

Source: cve@mitre.org

Exploit

https://www.exploit-db.com/exploits/5356

Source: cve@mitre.org

ftp://ftp.sco.com/pub/unixware7/714/security/p534850/p534850.txt (unsafe URL)