CVE Vulnerabilities

CVE-2003-0742

Published: Oct 06, 2003 | Modified: Sep 10, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

SCO Internet Manager (mana) allows local users to execute arbitrary programs by setting the REMOTE_ADDR environment variable to cause menu.mana to run as if it were called from ncsa_httpd, then modifying the PATH environment variable to point to a malicious hostname program.

Affected Software

Name Vendor Start Version End Version
Openserver Sco 5.0.5 5.0.5
Openserver Sco 5.0.6 5.0.6
Openserver Sco 5.0.7 5.0.7

References