Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-1041

4 documents4 sources

Severity

7.2HIGH

EPSS

1.0%

top 22.64%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

SCO Openserver SCO Unix

Timeline

PublishedAug 27

Latest updateMay 3

Description

Buffer overflow in mscreen on SCO OpenServer 5.0 and SCO UNIX 3.2v4 allows a local user to gain root access via (1) a long TERM environmental variable and (2) a long entry in the .mscreenrc file.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages2 packages

▶NVDsco/unix3.2v4

▶NVDsco/openserver5.0

Patches

Patch: www.cert.org ↗Patch: www.cert.org ↗

🔴Vulnerability Details

GHSA

GHSA-xm8j-jw8c-j4ww: Buffer overflow in mscreen on SCO OpenServer 5↗2022-05-03

▶

CVEList

CVE-1999-1041: Buffer overflow in mscreen on SCO OpenServer 5↗2001-09-12

▶

💥Exploits & PoCs

Exploit-DB

SCO OpenServer 5.0.5 - Env Local Stack Overflow↗2001-01-26

▶