CVE-2008-6558

SCO UnixWare 7.1.4 ReliantHA - Privilege Escalation via RELIANT_PATH Environment Variable

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-6558. PoCs published by qaaz.

AI-analyzed exploit summary This exploit leverages a symlink vulnerability in SCO UnixWare Reliant HA to gain root privileges by manipulating the RELIANT_PATH environment variable and executing a privileged binary. It spawns a shell with elevated privileges if the exploit succeeds.

Description

Untrusted search path vulnerability in (1) hvdisp and (2) rcvm in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges by modifying the RELIANT_PATH environment variable to point to a malicious bin/hvenv program.

Exploits (1)

exploitdb WORKING POC VERIFIED

by qaaz · clocalsco

https://www.exploit-db.com/exploits/5356

View Code ZIP pw:eip

This exploit leverages a symlink vulnerability in SCO UnixWare Reliant HA to gain root privileges by manipulating the RELIANT_PATH environment variable and executing a privileged binary. It spawns a shell with elevated privileges if the exploit succeeds.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: SCO UnixWare Reliant HA

No auth needed

Prerequisites: Local access to the target system · Presence of vulnerable Reliant HA binaries (/usr/opt/reliant/bin/hvdisp or /usr/opt/reliant/bin/rcvm)

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1548.001 - Setuid and Setgid

devstral-2 · analyzed Feb 16, 2026 Full analysis →