Vulnerability Database

290,206

Total vulnerabilities in the database

CVE-2002-1871

pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a "?" (question mark) in the (1) mode, (2) owner, or (3) group fields, which allows attackers to elevate privileges.

  • Published: Dec 31, 2002
  • Updated: Apr 13, 2023
  • CVE: CVE-2002-1871
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.2
  • AV:L/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Software From Fixed in
sun / sunos 5.7 5.7.x
sun / sunos 5.8 5.8.x
sun / sunos 5.5.1 5.5.1.x
sun / solaris 2.6 2.6.x