Description
Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p, including S84rpcinit, S95nis, S85tcp, and S89nfs, are vulnerable to a symlink attack, allowing a local user to gain root access.
Affected products
- sco / openserver3.0 – 3.0
- sco / openserver5 – 5