CVE-2008-6558

SCO Unixware - Improper Input Validation

Title source: rule

Description

Untrusted search path vulnerability in (1) hvdisp and (2) rcvm in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges by modifying the RELIANT_PATH environment variable to point to a malicious bin/hvenv program.

Exploits (1)

exploitdb WORKING POC VERIFIED

by qaaz · clocalsco

https://www.exploit-db.com/exploits/5356

View Code ZIP pw:eip

References (6)

[Patch, Vendor Advisory] ftp://ftp.sco.com/pub/unixware7/714/security/p534850/p534850.txt

[Vendor Advisory] http://secunia.com/advisories/30921

[Exploit] http://www.securityfocus.com/bid/28624

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/5356

[Third Party Advisory, VDB Entry] http://osvdb.org/46706

[Third Party Advisory, VDB Entry] http://osvdb.org/46707

Scores

EPSS 0.0031

EPSS Percentile 53.9%

Details

CWE

CWE-20

Status published

Products (2)

sco/unixware 7.1.4

unixware/reliantha 1.1.4

Published Mar 30, 2009

Tracked Since Feb 18, 2026