cbcvebase.

Sco Openserver vulnerabilities

68 known vulnerabilities affecting sco/openserver.

Total CVEs
68
CISA KEV
0
Public exploits
19
Exploited in wild
1
Severity breakdown
CRITICAL7HIGH25MEDIUM28LOW8

Vulnerabilities

Page 2 of 4
CVE-1999-1450P4HIGHCVSS 7.5≤ 5.0.5v5.0+2 more1999-01-27
CVE-1999-1450 [HIGH] CVE-1999-1450: Vulnerability in (1) rlogin daemon rshd and (2) scheme on SCO UNIX OpenServer 5.0.5 and earlier, and Vulnerability in (1) rlogin daemon rshd and (2) scheme on SCO UNIX OpenServer 5.0.5 and earlier, and SCO UnixWare 7.0.1 and earlier, allows remote attackers to gain privileges.
nvd
CVE-2000-0158P4HIGHCVSS 7.5v5.0v5.0.2+2 more2000-02-16
CVE-2000-0158 [HIGH] CVE-2000-0158: Buffer overflow in MMDF server allows remote attackers to gain privileges via a long MAIL FROM comma Buffer overflow in MMDF server allows remote attackers to gain privileges via a long MAIL FROM command to the SMTP daemon.
nvd
CVE-2004-0511P4LOWCVSS 2.1PoCv5.0.6v5.0.6a+1 more2004-12-23
CVE-2004-0511 [LOW] CVE-2004-0511: Multiple unknown vulnerabilities in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating Multiple unknown vulnerabilities in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to cause a denial of service by triggering a null dereference.
nvd
CVE-2005-3625P4CRITICALCVSS 10.0v5.0.7v6.02005-12-31
CVE-2005-3625 [CRITICAL] CWE-399 CVE-2005-3625: Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and oth Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
nvd
CVE-1999-0893P4LOWCVSS 2.1PoCv5.01999-10-11
CVE-1999-0893 [LOW] CVE-1999-0893: userOsa in SCO OpenServer allows local users to corrupt files via a symlink attack. userOsa in SCO OpenServer allows local users to corrupt files via a symlink attack.
nvd
CVE-2004-0112P4MEDIUMCVSS 5.0v5.0.6v5.0.72004-11-23
CVE-2004-0112 [MEDIUM] CWE-125 CVE-2004-0112: The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
nvd
CVE-1999-0017P4HIGHCVSS 7.5v5.0.41997-12-10
CVE-1999-0017 [HIGH] CVE-1999-0017: FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP clien FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
nvd
CVE-1999-0835P4CRITICALCVSS 10.0v51999-11-10
CVE-1999-0835 [CRITICAL] CVE-1999-0835: Denial of service in BIND named via malformed SIG records. Denial of service in BIND named via malformed SIG records.
nvd
CVE-2004-0081P4MEDIUMCVSS 5.0v5.0.6v5.0.72004-11-23
CVE-2004-0081 [MEDIUM] CVE-2004-0081: OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote atta OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
nvd
CVE-2004-1131P4HIGHCVSS 7.2v5.0.6v5.0.72005-02-07
CVE-2004-1131 [HIGH] CVE-2004-1131: Multiple buffer overflows in the enable command for SCO OpenServer 5.0.6 and 5.0.7 allow local users Multiple buffer overflows in the enable command for SCO OpenServer 5.0.6 and 5.0.7 allow local users to execute arbitrary code via long command line arguments.
nvd
CVE-1999-0697P4HIGHCVSS 7.2v5.0.4v5.0.51999-09-09
CVE-1999-0697 [HIGH] CVE-1999-0697: SCO Doctor allows local users to gain root privileges through a Tools option. SCO Doctor allows local users to gain root privileges through a Tools option.
nvd
CVE-2003-0597P4HIGHCVSS 7.2v5.0.6v5.0.72003-08-27
CVE-2003-0597 [HIGH] CVE-2003-0597: Unknown vulnerability in display of Merge before 5.3.23a in UnixWare 7.1.x allows local users to gai Unknown vulnerability in display of Merge before 5.3.23a in UnixWare 7.1.x allows local users to gain root privileges.
nvd
CVE-2003-0791P4CRITICALCVSS 9.8v5.0.72003-10-07
CVE-2003-0791 [CRITICAL] CWE-502 CVE-2003-0791: The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execut The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed.
nvd
CVE-1999-1571P4HIGHCVSS 7.2v5.0.0v5.0.51999-11-04
CVE-1999-1571 [HIGH] CVE-1999-1571: Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5 may allow local users to gain root pri Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5 may allow local users to gain root privileges via a long -f parameter, a different vulnerability than CVE-1999-1570.
nvd
CVE-2003-0742P4HIGHCVSS 7.2v5.0.5v5.0.6+1 more2003-10-06
CVE-2003-0742 [HIGH] CVE-2003-0742: SCO Internet Manager (mana) allows local users to execute arbitrary programs by setting the REMOTE_A SCO Internet Manager (mana) allows local users to execute arbitrary programs by setting the REMOTE_ADDR environment variable to cause menu.mana to run as if it were called from ncsa_httpd, then modifying the PATH environment variable to point to a malicious "hostname" program.
nvd
CVE-1999-0411P4HIGHCVSS 7.2v3.0v51999-03-07
CVE-1999-0411 [HIGH] CVE-1999-0411: Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p, including S84rpcinit, S95nis, Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p, including S84rpcinit, S95nis, S85tcp, and S89nfs, are vulnerable to a symlink attack, allowing a local user to gain root access.
nvd
CVE-1999-1253P4HIGHCVSS 7.2≤ 5.0.2v5.01996-06-07
CVE-1999-1253 [HIGH] CVE-1999-1253: Vulnerability in a kernel error handling routine in SCO OpenServer 5.0.2 and earlier, and SCO Intern Vulnerability in a kernel error handling routine in SCO OpenServer 5.0.2 and earlier, and SCO Internet FastStart 1.0, allows local users to gain root privileges.
nvd
CVE-1999-1209P4HIGHCVSS 7.2v3.0v5.01997-11-20
CVE-1999-1209 [HIGH] CVE-1999-1209: Vulnerability in scoterm in SCO OpenServer 5.0 and SCO Open Desktop/Open Server 3.0 allows local use Vulnerability in scoterm in SCO OpenServer 5.0 and SCO Open Desktop/Open Server 3.0 allows local users to gain root privileges.
nvd
CVE-2002-0716P4HIGHCVSS 7.2v5.0.5v5.0.62002-07-26
CVE-2002-0716 [HIGH] CVE-2002-0716: Format string vulnerability in crontab for SCO OpenServer 5.0.5 and 5.0.6 allows local users to gain Format string vulnerability in crontab for SCO OpenServer 5.0.5 and 5.0.6 allows local users to gain privileges via format string specifiers in the file name argument.
nvd
CVE-1999-0131P4HIGHCVSS 7.2v5.0v5.0.21996-09-11
CVE-1999-0131 [HIGH] CVE-1999-0131: Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root a Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.
nvd
Sco Openserver vulnerabilities | cvebase