CVE-2008-6559: Input Validation

Published Mar 30, 2009
·
Updated

Merge mcd in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges via a crafted -d argument that contains .. (dot dot) sequences that point to a directory containing a file whose name includes shell metacharacters.

Affected Software

2 affected components
SCO ReliantHA=1.1.4
SCO UnixWare=7.1.4

Remediation

Patch Available

http://www.securityfocus.com/bid/28625

Event History

Mar 30, 2009
CVE Published
via MITRE·08:00 PM
Data Sourced
via MITRE·08:00 PM
Description
Data Sourced
08:30 PM
DescriptionWeaknessAffected Software
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Frequently Asked Questions

1

What is the severity of CVE-2008-6559?

CVE-2008-6559 is classified as a high-severity vulnerability due to potential local privilege escalation.

2

How do I fix CVE-2008-6559?

To fix CVE-2008-6559, ensure that the affected software ReliantHA version 1.1.4 is updated to a patched version that mitigates this vulnerability.

3

Who is affected by CVE-2008-6559?

Users of ReliantHA 1.1.4 on SCO UnixWare 7.1.4 are affected by CVE-2008-6559.

4

What type of vulnerability is CVE-2008-6559?

CVE-2008-6559 is a local privilege escalation vulnerability that allows users to gain root privileges.

5

Can CVE-2008-6559 be exploited remotely?

CVE-2008-6559 cannot be exploited remotely; it requires local access to the system.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203