CVE-2003-0704 in KisMACinfo

Summary

KisMAC before 0.05d trusts user-supplied variables when chown ing files or directories, which allows local users to gain privileges via the $DRIVER_KEXT environment variable in (1) viha_driver.sh, (2) macjack_load.sh, (3) airojack_load.sh, (4) setuid_enable.sh, (5) setuid_disable.sh, and using a "similar technique" for (6) viha_prep.sh and (7) viha_unprep.sh.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

08/24/2003

Disclosure

09/17/2003

Moderation

VulDB entry created

Entries

VDB-20818 (1)

CPE

ready

CWE

CWE-269 (Confirmed)

CVSS

8.4

EPSS

0.00047

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2003-0704
NVD	https://nvd.nist.gov/vuln/detail/CVE-2003-0704
CVE Details	https://www.cvedetails.com/cve/CVE-2003-0704/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!