Caldera Unixware vulnerabilities

20 known vulnerabilities affecting caldera/unixware.

Total CVEs

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL3HIGH14MEDIUM2LOW1

Vulnerabilities

Page 1 of 1

CVE-2002-1231LOWCVSS 2.1v7.1.12002-11-04

CVE-2002-1231 [LOW] CVE-2002-1231: SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to cause a denial of service via an rcp ca SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to cause a denial of service via an rcp call on /proc.

nvd

CVE-2002-0884HIGHCVSS 7.5v7.1.12002-10-04

CVE-2002-0884 [HIGH] CVE-2002-0884: Multiple format string vulnerabilities in in.rarpd (ARP server) on Solaris, Caldera UnixWare and Ope Multiple format string vulnerabilities in in.rarpd (ARP server) on Solaris, Caldera UnixWare and Open UNIX, and possibly other operating systems, allows remote attackers to execute arbitrary code via format strings that are not properly handled in the functions (1) syserr and (2) error.

nvd

CVE-2002-0885HIGHCVSS 7.5v7.1.12002-10-04

CVE-2002-0885 [HIGH] CVE-2002-0885: Multiple buffer overflows in in.rarpd (ARP server) on Solaris, and possibly other operating systems Multiple buffer overflows in in.rarpd (ARP server) on Solaris, and possibly other operating systems including Caldera UnixWare and Open UNIX, allow remote attackers to execute arbitrary code, possibly via the functions (1) syserr and (2) error.

nvd

CVE-2002-0988CRITICALCVSS 10.0v7.1.12002-09-24

CVE-2002-0988 [CRITICAL] CVE-2002-0988: Buffer overflow in X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1, possibly related to XBM/xkb Buffer overflow in X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1, possibly related to XBM/xkbcomp capabilities.

nvd

CVE-2002-0981HIGHCVSS 7.2v7.1.12002-09-24

CVE-2002-0981 [HIGH] CVE-2002-0981: Buffer overflow in ndcfg command for UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to execut Buffer overflow in ndcfg command for UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to execute arbitrary code via a long command line.

nvd

CVE-2002-0987HIGHCVSS 7.2PoCv7.1.12002-09-24

CVE-2002-0987 [HIGH] CVE-2002-0987: X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1 does not drop privileges before calling program X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1 does not drop privileges before calling programs such as xkbcomp using popen, which could allow local users to gain privileges.

nvd

CVE-2002-0679CRITICALCVSS 10.0v7.0v7.1.0+1 more2002-09-05

CVE-2002-0679 [CRITICAL] CVE-2002-0679: Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) a Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.

nvd

CVE-2002-0517HIGHCVSS 7.2v7.1.12002-08-12

CVE-2002-0517 [HIGH] CVE-2002-0517: Buffer overflow in X11 library (libX11) on Caldera Open UNIX 8.0.0, UnixWare 7.1.1, and possibly oth Buffer overflow in X11 library (libX11) on Caldera Open UNIX 8.0.0, UnixWare 7.1.1, and possibly other operating systems, allows local users to gain root privileges via a long -xrm argument to programs such as (1) dtterm or (2) xterm.

nvd

CVE-2002-0827HIGHCVSS 7.2v7.1.12002-08-12

CVE-2002-0827 [HIGH] CVE-2002-0827: Vulnerability in pppd on UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to gain root privileg Vulnerability in pppd on UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to gain root privileges via (1) ppptalk or (2) ppp, a different vulnerability than CVE-2002-0824.

nvd

CVE-2002-0678HIGHCVSS 7.2v7.0v7.1.0+1 more2002-07-23

CVE-2002-0678 [HIGH] CVE-2002-0678: CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a syml CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.

nvd

CVE-2002-0677HIGHCVSS 7.5v7v7.1.1+1 more2002-07-23

CVE-2002-0677 [HIGH] CVE-2002-0677: CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory loca CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.

nvd

CVE-2002-0311CRITICALCVSS 10.0PoCv7.1.12002-05-31

CVE-2002-0311 [CRITICAL] CVE-2002-0311: Vulnerability in webtop in UnixWare 7.1.1 and Open UNIX 8.0.0 allows local and possibly remote attac Vulnerability in webtop in UnixWare 7.1.1 and Open UNIX 8.0.0 allows local and possibly remote attackers to gain root privileges via shell metacharacters in the -c argument for (1) in scoadminreg.cgi or (2) service_action.cgi.

nvd

CVE-2002-0246HIGHCVSS 7.2PoCv7.1.12002-05-29

CVE-2002-0246 [HIGH] CVE-2002-0246: Format string vulnerability in the message catalog library functions in UnixWare 7.1.1 allows local Format string vulnerability in the message catalog library functions in UnixWare 7.1.1 allows local users to gain privileges by modifying the LC_MESSAGE environment variable to read other message catalogs containing format strings from setuid programs such as vxprint.

nvd

CVE-2002-0105HIGHCVSS 7.2v7.1.02002-03-25

CVE-2002-0105 [HIGH] CVE-2002-0105: CDE dtlogin in Caldera UnixWare 7.1.0, and possibly other operating systems, allows local users to g CDE dtlogin in Caldera UnixWare 7.1.0, and possibly other operating systems, allows local users to gain privileges via a symlink attack on /var/dt/Xerrors since /var/dt is world-writable.

nvd

CVE-2001-1577HIGHCVSS 7.5v7.1.0v7.1.12001-12-31

CVE-2001-1577 [HIGH] CVE-2001-1577: Unknown vulnerability in CDE in Caldera OpenUnix 7.1.0, 7.1.1, and 8.0 allows an xterm session to ga Unknown vulnerability in CDE in Caldera OpenUnix 7.1.0, 7.1.1, and 8.0 allows an xterm session to gain privileges when the session is reused.

nvd

CVE-2001-1478HIGHCVSS 7.2v7.1.0v7.1.12001-12-31

CVE-2001-1478 [HIGH] CVE-2001-1478: Buffer overflow in xlock in UnixWare 7.1.0 and 7.1.1 and Open Unix 8.0.0 allows local users to execu Buffer overflow in xlock in UnixWare 7.1.0 and 7.1.1 and Open Unix 8.0.0 allows local users to execute arbitrary code.

nvd

CVE-2001-1576MEDIUMCVSS 4.6v72001-12-31

CVE-2001-1576 [MEDIUM] CVE-2001-1576: Buffer overflow in cron in Caldera UnixWare 7 allows local users to execute arbitrary code via a com Buffer overflow in cron in Caldera UnixWare 7 allows local users to execute arbitrary code via a command line argument.

nvd

CVE-2001-0858MEDIUMCVSS 4.6v7.1.0v7.1.12001-12-06

CVE-2001-0858 [MEDIUM] CVE-2001-0858: Buffer overflow in pppattach and other linked PPP utilities in Caldera Open Unix 8.0 and UnixWare 7. Buffer overflow in pppattach and other linked PPP utilities in Caldera Open Unix 8.0 and UnixWare 7.1.0 and 7.1.1 allows local users to gain privileges.

nvd

CVE-2001-1063HIGHCVSS 7.2v72001-08-31

CVE-2001-1063 [HIGH] CVE-2001-1063: Buffer overflow in uidadmin in Caldera Open Unix 8.0.0 and UnixWare 7 allows local users to gain roo Buffer overflow in uidadmin in Caldera Open Unix 8.0.0 and UnixWare 7 allows local users to gain root privileges via a long -S (scheme) command line argument.

nvd

CVE-2001-1164HIGHCVSS 7.2v7.02001-06-27

CVE-2001-1164 [HIGH] CVE-2001-1164: Buffer overflow in uucp utilities in UnixWare 7 allows local users to execute arbitrary code via lon Buffer overflow in uucp utilities in UnixWare 7 allows local users to execute arbitrary code via long command line arguments to (1) uucp, (2) uux, (3) bnuconvert, (4) uucico, (5) uuxcmd, or (6) uuxqt.

nvd