CVE-2001-1148

3 documents3 sources
Severity
4.6MEDIUM
EPSS
0.1%
top 70.23%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
SCO Openserver
Timeline
PublishedJun 13
Latest updateApr 30

Description

Multiple buffer overflows in programs used by scoadmin and sysadmsh in SCO OpenServer 5.0.6a and earlier allow local users to gain privileges via a long TERM environment variable to (1) atcronsh, (2) auditsh, (3) authsh, (4) backupsh, (5) lpsh, (6) sysadm.menu, or (7) termsh.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages1 packages

NVDsco/openserver5.0.6a

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-xhx7-vf2f-vmhh: Multiple buffer overflows in programs used by scoadmin and sysadmsh in SCO OpenServer 52022-04-30
CVEList
CVE-2001-1148: Multiple buffer overflows in programs used by scoadmin and sysadmsh in SCO OpenServer 52002-03-15
CVE-2001-1148 (MEDIUM CVSS 4.6) | Multiple buffer overflows in progra | cvebase.io