CVE-2001-0208

MicroFocus Cobol 4.1 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0208. PoCs published by Dixie Flatline.

AI-analyzed exploit summary This exploit leverages insecure file permissions on the 'nolicense' shell script in Micro Focus Cobol to execute arbitrary commands as root. The attacker appends malicious commands to the script, which are executed when the application server licenses are exhausted.

Description

MicroFocus Cobol 4.1, with the AppTrack feature enabled, installs the mfaslmf directory and the nolicense file with insecure permissions, which allows local users to gain privileges by modifying files.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Dixie Flatline · textlocalunix

https://www.exploit-db.com/exploits/20621

View Code ZIP pw:eip

This exploit leverages insecure file permissions on the 'nolicense' shell script in Micro Focus Cobol to execute arbitrary commands as root. The attacker appends malicious commands to the script, which are executed when the application server licenses are exhausted.

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: Micro Focus Cobol 4.1 (with Apptrack feature enabled)

Auth required

Prerequisites: Local access to the system · Micro Focus Cobol installed with Apptrack enabled · Insecure file permissions on '/var/mfaslmf/nolicense'

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1548.001 - Setuid and Setgid

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/2359

Exploit, Patch, Vendor Advisory mailing-list x_refsource_bugtraq

http://archives.neohapsis.com/archives/bugtraq/2001-02/0205.html

Scores

EPSS 0.0070

EPSS Percentile 48.5%

Details

Status published

Products (1)

microfocus/cobol 4.1

Published Jun 02, 2001

Tracked Since Feb 18, 2026