Privilege Escalation via User-Controlled Pathname in IBM U2 UniVerse 10.0.0.9 and Earlier

Privilege Escalation via User-Controlled Pathname in IBM U2 UniVerse 10.0.0.9 and Earlier

CVE-2003-0579 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

uvadmsh in IBM U2 UniVerse 10.0.0.9 and earlier trusts the user-supplied -uv.install command line option to find and execute the uv.install program, which allows local users to gain privileges by providing a pathname that is under control of the user.

Learn more about our Cis Benchmark Audit For Ibm I.