Back to search
CVE-2003-0579
Published: Jul 17, 2003
Modified: Aug 8, 2024
PUBLISHED
Description
uvadmsh in IBM U2 UniVerse 10.0.0.9 and earlier trusts the user-supplied -uv.install command line option to find and execute the uv.install program, which allows local users to gain privileges by providing a pathname that is under control of the user.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20030716 SRT2003-07-07-0833 - IBM U2 UniVerse users with uvadm rights can take root via uvadmsh
mailing-list
x_refsource_VULNWATCH
20030716 SRT2003-07-07-0833 - IBM U2 UniVerse users with uvadm rights can take root via uvadmsh
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now