CVE-2008-6559

Published: Mar 30, 2009Modified: Apr 23, 2026

7.2

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

Merge mcd in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges via a crafted -d argument that contains .. (dot dot) sequences that point to a directory containing a file whose name includes shell metacharacters.

Affected (2)

Products: Sco: Reliantha, Unixware

Sco

2 products

Reliantha

Unixware

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Sco Reliantha	Version 1.1.4
Sco Unixware	Version 7.1.4

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (10)

ftp://ftp.sco.com/pub/unixware7/714/security/p534850/p534850.txt (unsafe URL)

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/30921

Source: cve@mitre.org

Vendor Advisory

http://www.osvdb.org/51234

Source: cve@mitre.org

http://www.securityfocus.com/bid/28625

Source: cve@mitre.org

ExploitPatch

https://www.exploit-db.com/exploits/5357

Source: cve@mitre.org

ftp://ftp.sco.com/pub/unixware7/714/security/p534850/p534850.txt (unsafe URL)