Description
MicroFocus Cobol 4.1, with the AppTrack feature enabled, installs the mfaslmf directory and the nolicense file with insecure permissions, which allows local users to gain privileges by modifying files.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Dixie Flatline · textlocalunix
https://www.exploit-db.com/exploits/20621
References (2)
Core 2
Core References
Exploit, Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/2359
Exploit, Patch, Vendor Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-02/0205.html
Scores
EPSS
0.0030
EPSS Percentile
53.1%
Details
Status
published
Products (1)
microfocus/cobol
4.1
Published
Jun 02, 2001
Tracked Since
Feb 18, 2026