cbcvebase.

Sco Openserver vulnerabilities

68 known vulnerabilities affecting sco/openserver.

Total CVEs
68
CISA KEV
0
Public exploits
19
Exploited in wild
1
Severity breakdown
CRITICAL7HIGH25MEDIUM28LOW8

Vulnerabilities

Page 3 of 4
CVE-2001-0587P4HIGHCVSS 7.2v5.0.62001-08-22
CVE-2001-0587 [HIGH] CVE-2001-0587: deliver program in MMDF 2.43.3b in SCO OpenServer 5.0.6 can allow a local attacker to gain additiona deliver program in MMDF 2.43.3b in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow in the first argument to the command.
nvd
CVE-2002-1199P4MEDIUMCVSS 5.0v5.0.5v5.0.6+1 more2002-10-28
CVE-2002-1199 [MEDIUM] CVE-2002-1199: The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to r The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.
nvd
CVE-2005-3624P4MEDIUMCVSS 5.0v5.0.7v6.02005-12-31
CVE-2005-3624 [MEDIUM] CWE-189 CVE-2005-3624: The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, t The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
nvd
CVE-2004-1039P4MEDIUMCVSS 5.0v5.0.6v5.0.72005-01-11
CVE-2004-1039 [MEDIUM] CVE-2004-1039: The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, when run from inetd, allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests, which causes inetd to launch a separate process for each request.
nvd
CVE-1999-0033P4HIGHCVSS 7.2v3.0v5.01997-06-12
CVE-1999-0033 [HIGH] CVE-1999-0033: Command execution in Sun systems via buffer overflow in the at program. Command execution in Sun systems via buffer overflow in the at program.
nvd
CVE-1999-0024P4MEDIUMCVSS 5.0v5.01997-08-13
CVE-1999-0024 [MEDIUM] CVE-1999-0024: DNS cache poisoning via BIND, by predictable query IDs. DNS cache poisoning via BIND, by predictable query IDs.
nvd
CVE-2005-3626P4MEDIUMCVSS 5.0v5.0.7v6.02005-12-31
CVE-2005-3626 [MEDIUM] CWE-399 CVE-2005-3626: Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and oth Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
nvd
CVE-2005-2926P4MEDIUMCVSS 4.6≤ 5.0.72005-10-25
CVE-2005-2926 [MEDIUM] CVE-2005-2926: Stack-based buffer overflow in (1) backupsh and (2) authsh in SCO Openserver 5.0.7 allows local user Stack-based buffer overflow in (1) backupsh and (2) authsh in SCO Openserver 5.0.7 allows local users to execute arbitrary code via a long HOME environment variable.
nvd
CVE-2000-0307P4MEDIUMCVSS 5.0≤ 5.052001-03-12
CVE-2000-0307 [MEDIUM] CVE-2000-0307: Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and earlier allows an attacker to Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and earlier allows an attacker to cause a denial of service which prevents access to reserved port numbers below 1024.
nvd
CVE-2001-0896P4MEDIUMCVSS 5.0v5.0.52001-11-30
CVE-2001-0896 [MEDIUM] CVE-2001-0896: Inetd in OpenServer 5.0.5 allows remote attackers to cause a denial of service (crash) via a port sc Inetd in OpenServer 5.0.5 allows remote attackers to cause a denial of service (crash) via a port scan, e.g. with nmap -PO.
nvd
CVE-1999-0096P4MEDIUMCVSS 5.0v5.0v5.0.21996-12-10
CVE-1999-0096 [MEDIUM] CVE-1999-0096: Sendmail decode alias can be used to overwrite sensitive files. Sendmail decode alias can be used to overwrite sensitive files.
nvd
CVE-1999-0011P4MEDIUMCVSS 5.4v5.01998-04-08
CVE-1999-0011 [MEDIUM] CWE-1067 CVE-1999-0011: Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.
nvd
CVE-2005-0351P4MEDIUMCVSS 4.6v5.0.6v5.0.72005-04-07
CVE-2005-0351 [MEDIUM] CWE-119 CVE-2005-0351: Buffer overflow in (1) termsh, (2) atcronsh, and (3) auditsh in SCO OpenServer 5.0.6 and 5.0.7 might Buffer overflow in (1) termsh, (2) atcronsh, and (3) auditsh in SCO OpenServer 5.0.6 and 5.0.7 might allow local users to execute arbitrary code via a long HOME environment variable.
nvd
CVE-1999-0010P4MEDIUMCVSS 5.0v5.01998-04-08
CVE-1999-0010 [MEDIUM] CVE-1999-0010: Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages. Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.
nvd
CVE-2005-0109P4MEDIUMCVSS 5.6v5.0.72005-03-05
CVE-2005-0109 [MEDIUM] CVE-2005-0109: Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pen Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.
nvd
CVE-2001-1508P4MEDIUMCVSS 4.6v5.0v5.0.1+5 more2001-12-31
CVE-2001-1508 [MEDIUM] CVE-2001-1508: Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a allows local users to execute arbitra Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a allows local users to execute arbitrary code as group bin via a long command line argument.
nvd
CVE-1999-0078P4LOWCVSS 1.9v51996-04-18
CVE-1999-0078 [LOW] CVE-1999-0078: pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call.
nvd
CVE-1999-0019P4MEDIUMCVSS 5.0v3.0v5.01996-04-24
CVE-1999-0019 [MEDIUM] CVE-1999-0019: Delete or create a file via rpc.statd, due to invalid information. Delete or create a file via rpc.statd, due to invalid information.
nvd
CVE-1999-0345P4MEDIUMCVSS 5.0v51997-01-01
CVE-1999-0345 [MEDIUM] CVE-1999-0345: Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems. Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems.
nvd
CVE-2001-0588P4MEDIUMCVSS 4.6v5.0.62001-08-22
CVE-2001-0588 [MEDIUM] CVE-2001-0588: sendmail 8.9.3, as included with the MMDF 2.43.3b package in SCO OpenServer 5.0.6, can allow a local sendmail 8.9.3, as included with the MMDF 2.43.3b package in SCO OpenServer 5.0.6, can allow a local attacker to gain additional privileges via a buffer overflow in the first argument to the command.
nvd