Privilege Escalation via Symlink Attack on CDE dtlogin in Caldera UnixWare 7.1.0

Privilege Escalation via Symlink Attack on CDE dtlogin in Caldera UnixWare 7.1.0

CVE-2002-0105 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

CDE dtlogin in Caldera UnixWare 7.1.0, and possibly other operating systems, allows local users to gain privileges via a symlink attack on /var/dt/Xerrors since /var/dt is world-writable.

Learn more about our Cis Benchmark Audit For Operating Systems.