VULHUB ™

The majority of the UnixWare "pkg" command, such as pkginfo, pkgcat, pkgparam, etc, are vulnerable to a bug which will allow any user to read any file on the system as a result of their additional "dacread" permission in the privs file.

The majority of the UnixWare "pkg" command, such as pkginfo, pkgcat, pkgparam, etc, are vulnerable to a bug which will allow any user to read any file on the system as a result of their additional "dacread" permission in the privs file.