CVE-2002-0311

UnixWare 7.1.1-Open UNIX 8.0.0 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-0311. PoCs published by jGgM.

AI-analyzed exploit summary This exploit targets a command injection vulnerability in UnixWare's scoadminreg.cgi by passing a malicious payload via the -c option. It compiles a C program to set SUID/SGID on a shell, then executes it via the vulnerable CGI script to gain root privileges.

Description

Vulnerability in webtop in UnixWare 7.1.1 and Open UNIX 8.0.0 allows local and possibly remote attackers to gain root privileges via shell metacharacters in the -c argument for (1) in scoadminreg.cgi or (2) service_action.cgi.

Exploits (1)

exploitdb WORKING POC VERIFIED

by jGgM · bashlocalunixware

https://www.exploit-db.com/exploits/21239

View Code ZIP pw:eip

This exploit targets a command injection vulnerability in UnixWare's scoadminreg.cgi by passing a malicious payload via the -c option. It compiles a C program to set SUID/SGID on a shell, then executes it via the vulnerable CGI script to gain root privileges.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: UnixWare scoadminreg.cgi

No auth needed

Prerequisites: Presence of vulnerable scoadminreg.cgi at /opt/webtop/bin/i3un0212/cgi-bin/admin/ · Write access to /tmp directory · GCC compiler available

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →