CVE-2003-1358

high

Description

rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/11312

http://www.securityfocus.com/archive/1/324381

http://www.securityfocus.com/advisories/4960

http://securityreason.com/securityalert/3236

Details

Source: Mitre, NVD

Published: 2003-12-31

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00191