CVE-2008-6559

SCO Reliantha - Improper Input Validation

Title source: rule

Description

Merge mcd in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges via a crafted -d argument that contains .. (dot dot) sequences that point to a directory containing a file whose name includes shell metacharacters.

Exploits (1)

exploitdb WORKING POC VERIFIED

by qaaz · clocalsco

https://www.exploit-db.com/exploits/5357

View Code ZIP pw:eip

References (5)

[Vendor Advisory] ftp://ftp.sco.com/pub/unixware7/714/security/p534850/p534850.txt

[Vendor Advisory] http://secunia.com/advisories/30921

[Exploit, Patch] http://www.securityfocus.com/bid/28625

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/5357

[Third Party Advisory, VDB Entry] http://www.osvdb.org/51234

Scores

EPSS 0.0048

EPSS Percentile 65.3%

Details

CWE

CWE-20

Status published

Products (2)

sco/reliantha 1.1.4

sco/unixware 7.1.4

Published Mar 30, 2009

Tracked Since Feb 18, 2026