CVE-2003-1358 | SynScan

Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2003-1358

rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program.

Published: Dec 31, 2003
Updated: Apr 13, 2023
CVE: CVE-2003-1358
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
hp / hp-ux	10.30	10.30.x
hp / hp-ux	11.11	11.11.x
hp / hp-ux	10.01	10.01.x
hp / hp-ux	10.00	10.00.x
hp / hp-ux	10.26	10.26.x
hp / hp-ux	11.04	11.04.x
hp / hp-ux	10.34	10.34.x
hp / hp-ux	11.00	11.00.x
hp / hp-ux	11.0.4	11.0.4.x
hp / hp-ux	10.16	10.16.x
hp / hp-ux	10.20	10.20.x
hp / hp-ux	10.09	10.09.x
hp / hp-ux	10.10	10.10.x
hp / hp-ux	10.24	10.24.x
hp / hp-ux	11.20	11.20.x
hp / hp-ux	11.22	11.22.x
hp / hp-ux	10.08	10.08.x