cbcvebase.

Sco Unixware vulnerabilities

64 known vulnerabilities affecting sco/unixware.

Total CVEs
64
CISA KEV
0
Public exploits
25
Exploited in wild
0
Severity breakdown
CRITICAL8HIGH25MEDIUM24LOW7

Vulnerabilities

Page 1 of 4
CVE-1999-0368P3CRITICALCVSS 10.0PoCv7.0v7.0.11999-02-09
CVE-1999-0368 [CRITICAL] CVE-1999-0368: Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.
nvd
CVE-1999-0009P3CRITICALCVSS 10.0PoCv2.1v7.01998-04-08
CVE-1999-0009 [CRITICAL] CVE-1999-0009: Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.
nvd
CVE-2000-1014P3HIGHCVSS 7.5PoCv7.02000-12-11
CVE-2000-1014 [HIGH] CVE-2000-1014: Format string vulnerability in the search97.cgi CGI script in SCO help http server for Unixware 7 al Format string vulnerability in the search97.cgi CGI script in SCO help http server for Unixware 7 allows remote attackers to execute arbitrary commands via format characters in the queryText parameter.
nvd
CVE-2000-0026P3CRITICALCVSS 10.0PoCv7.11999-12-21
CVE-2000-0026 [CRITICAL] CVE-2000-0026: Buffer overflow in UnixWare i2odialogd daemon allows remote attackers to gain root access via a long Buffer overflow in UnixWare i2odialogd daemon allows remote attackers to gain root access via a long username/password authorization string.
nvd
CVE-2008-6559P4HIGHCVSS 7.2PoCv7.1.42009-03-30
CVE-2008-6559 [HIGH] CWE-20 CVE-2008-6559: Merge mcd in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges via a Merge mcd in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges via a crafted -d argument that contains .. (dot dot) sequences that point to a directory containing a file whose name includes shell metacharacters.
nvd
CVE-1999-0836P4CRITICALCVSS 10.0PoCv7.0v7.0.1+2 more1998-12-02
CVE-1999-0836 [CRITICAL] CVE-1999-0836: UnixWare uidadmin allows local users to modify arbitrary files via a symlink attack. UnixWare uidadmin allows local users to modify arbitrary files via a symlink attack.
nvd
CVE-2008-6558P4HIGHCVSS 7.2PoCv7.1.42009-03-30
CVE-2008-6558 [HIGH] CWE-20 CVE-2008-6558: Untrusted search path vulnerability in (1) hvdisp and (2) rcvm in ReliantHA 1.1.4 in SCO UnixWare 7. Untrusted search path vulnerability in (1) hvdisp and (2) rcvm in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges by modifying the RELIANT_PATH environment variable to point to a malicious bin/hvenv program.
nvd
CVE-2008-0310P4MEDIUMCVSS 6.9PoCv7.1.42008-04-07
CVE-2008-0310 [MEDIUM] CWE-22 CVE-2008-0310: Directory traversal vulnerability in pkgadd in SCO UnixWare 7.1.4 before p534589 allows local users Directory traversal vulnerability in pkgadd in SCO UnixWare 7.1.4 before p534589 allows local users to create or append to arbitrary files via ".." sequences in an unspecified environment variable, probably PKGINST.
nvd
CVE-2005-2934P4HIGHCVSS 7.2PoCv7.1.3v7.1.42005-12-31
CVE-2005-2934 [HIGH] CVE-2005-2934: Unspecified vulnerability in ptrace in SCO UnixWare 7.1.3 and 7.1.4 allows local users to gain privi Unspecified vulnerability in ptrace in SCO UnixWare 7.1.3 and 7.1.4 allows local users to gain privileges via unspecified vectors.
nvd
CVE-2003-0834P4HIGHCVSS 7.2PoCv7.1.1v7.1.32003-12-01
CVE-2003-0834 [HIGH] CVE-2003-0834: Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modi Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME.
nvd
CVE-1999-0979P4HIGHCVSS 7.2PoCv7.0v7.0.1+2 more2000-04-11
CVE-1999-0979 [HIGH] CVE-1999-0979: The SCO UnixWare privileged process system allows local users to gain root privileges by using a deb The SCO UnixWare privileged process system allows local users to gain root privileges by using a debugger such as gdb to insert traps into _init before the privileged process is executed.
nvd
CVE-1999-0693P4HIGHCVSS 7.2PoCv72000-03-02
CVE-1999-0693 [HIGH] CVE-1999-0693: Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges.
nvd
CVE-1999-0845P4HIGHCVSS 7.2PoCv7.01999-11-25
CVE-1999-0845 [HIGH] CVE-1999-0845: Buffer overflow in SCO su program allows local users to gain root access via a long username. Buffer overflow in SCO su program allows local users to gain root access via a long username.
nvd
CVE-1999-0023P4HIGHCVSS 7.2PoCv2.0v2.11996-07-24
CVE-1999-0023 [HIGH] CVE-1999-0023: Local user gains root privileges via buffer overflow in rdist, via lookup() function. Local user gains root privileges via buffer overflow in rdist, via lookup() function.
nvd
CVE-1999-0866P4HIGHCVSS 7.2PoCv7.0v7.0.1+2 more1999-12-03
CVE-1999-0866 [HIGH] CVE-1999-0866: Buffer overflow in UnixWare xauto program allows local users to gain root privilege. Buffer overflow in UnixWare xauto program allows local users to gain root privilege.
nvd
CVE-2008-1343P4MEDIUMCVSS 4.9PoCv7.1.42008-03-17
CVE-2008-1343 [MEDIUM] CWE-22 CVE-2008-1343: Directory traversal vulnerability in (1) pkgadd and (2) pkgrm in SCO UnixWare 7.1.4 allows local use Directory traversal vulnerability in (1) pkgadd and (2) pkgrm in SCO UnixWare 7.1.4 allows local users to gain privileges via unknown vectors.
nvd
CVE-1999-0988P4HIGHCVSS 7.2PoCv2.0v2.0.3+6 more1999-12-04
CVE-1999-0988 [HIGH] CVE-1999-0988: UnixWare pkgtrans allows local users to read arbitrary files via a symlink attack. UnixWare pkgtrans allows local users to read arbitrary files via a symlink attack.
nvd
CVE-2006-4655P4MEDIUMCVSS 4.6PoCv7.1.32006-09-09
CVE-2006-4655 [MEDIUM] CVE-2006-4655: Buffer overflow in the Strcmp function in the XKEYBOARD extension in X Window System X11R6.4 and ear Buffer overflow in the Strcmp function in the XKEYBOARD extension in X Window System X11R6.4 and earlier, as used in SCO UnixWare 7.1.3 and Sun Solaris 8 through 10, allows local users to gain privileges via a long _XKB_CHARSET environment variable value.
nvd
CVE-1999-0830P4HIGHCVSS 7.2PoCv7.01999-11-01
CVE-1999-0830 [HIGH] CVE-1999-0830: Buffer overflow in SCO UnixWare Xsco command via a long argument. Buffer overflow in SCO UnixWare Xsco command via a long argument.
nvd
CVE-1999-0864P4HIGHCVSS 7.2PoCv7.0v7.0.1+2 more1999-12-03
CVE-1999-0864 [HIGH] CVE-1999-0864: UnixWare programs that dump core allow a local user to modify files via a symlink attack on the ./co UnixWare programs that dump core allow a local user to modify files via a symlink attack on the ./core.pid file.
nvd
Sco Unixware vulnerabilities | cvebase