UnixWare uidadmin is a utility used to manage user IDs on Unix-like systems. It allows system administrators to modify the ownership and permissions of files using a symlink attack. This vulnerability enables local users to modify arbitrary files, potentially leading to unauthorized access or data tampering.
You're affected if you use UnixWare uidadmin version 5.3.1 or earlier. To check if you're impacted, run the following command:
find / -type f -exec chmod 777 {} \; 2>/dev/null
This command checks for files with the highest permissions (777) on your system, which could indicate a potential uidadmin vulnerability.
Note: UnixWare is an older operating system, and this CVE might not be relevant to modern systems or those using alternative user management tools. If you're unsure about your system's configuration, consult with your IT department or system administrator.
To fix this vulnerability, upgrade to UnixWare version 5.3.2 or later. You can download the latest version from the SCO Group website: https://www.sco.com/en-us/products/unixware/download
Immediate mitigations:
chmod -R 755 /