cbcvebase.

Sco Unixware vulnerabilities

64 known vulnerabilities affecting sco/unixware.

Total CVEs
64
CISA KEV
0
Public exploits
25
Exploited in wild
0
Severity breakdown
CRITICAL8HIGH25MEDIUM24LOW7

Vulnerabilities

Page 2 of 4
CVE-2004-1307P3HIGHCVSS 7.5v7.1.42004-12-21
CVE-2004-1307 [HIGH] CVE-2004-1307: Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remot Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow.
nvd
CVE-2000-0224P4LOWCVSS 1.2PoCv7.1v7.1.12000-02-15
CVE-2000-0224 [LOW] CVE-2000-0224: ARCserve agent in SCO UnixWare 7.x allows local attackers to gain root privileges via a symlink atta ARCserve agent in SCO UnixWare 7.x allows local attackers to gain root privileges via a symlink attack.
nvd
CVE-2000-0348P4CRITICALCVSS 10.0≤ 7.1.02001-03-12
CVE-2000-0348 [CRITICAL] CVE-2000-0348: A vulnerability in the Sendmail configuration file sendmail.cf as installed in SCO UnixWare 7.1.0 an A vulnerability in the Sendmail configuration file sendmail.cf as installed in SCO UnixWare 7.1.0 and earlier allows an attacker to gain root privileges.
nvd
CVE-2000-0308P4CRITICALCVSS 10.0≤ 2.1.3v7.02001-03-12
CVE-2000-0308 [CRITICAL] CVE-2000-0308: Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3 allow an attacker to gain root privileges.
nvd
CVE-1999-0828P4LOWCVSS 3.6PoCv7.0v7.11999-12-02
CVE-1999-0828 [LOW] CVE-1999-0828: UnixWare pkg commands such as pkginfo, pkgcat, and pkgparam allow local users to read arbitrary file UnixWare pkg commands such as pkginfo, pkgcat, and pkgparam allow local users to read arbitrary files via the dacread permission.
nvd
CVE-2004-0996P4LOWCVSS 2.1PoCv7.1.1v7.1.3+1 more2005-01-10
CVE-2004-0996 [LOW] CVE-2004-0996: main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows loca main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.
nvd
CVE-2000-0154P4LOWCVSS 1.2PoCv7.1v7.1.12000-02-16
CVE-2000-0154 [LOW] CVE-2000-0154: The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack.
nvd
CVE-2002-1998P4HIGHCVSS 7.5v7.1.12002-12-31
CVE-2002-1998 [HIGH] CVE-2002-1998: Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows remote attackers to exe Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows remote attackers to execute arbitrary commands via a long parameter to rtable_create (procedure 21).
nvd
CVE-1999-1450P4HIGHCVSS 7.5≤ 2.1.3≤ 7.0.11999-01-27
CVE-1999-1450 [HIGH] CVE-1999-1450: Vulnerability in (1) rlogin daemon rshd and (2) scheme on SCO UNIX OpenServer 5.0.5 and earlier, and Vulnerability in (1) rlogin daemon rshd and (2) scheme on SCO UNIX OpenServer 5.0.5 and earlier, and SCO UnixWare 7.0.1 and earlier, allows remote attackers to gain privileges.
nvd
CVE-1999-0825P4LOWCVSS 3.6PoCv7.0v7.0.1+1 more1999-12-03
CVE-1999-0825 [LOW] CVE-1999-0825: The default permissions for UnixWare /var/mail allow local users to read and modify other users' mai The default permissions for UnixWare /var/mail allow local users to read and modify other users' mail.
nvd
CVE-2009-1552P4HIGHCVSS 7.8v7.1.42009-05-06
CVE-2009-1552 [HIGH] CVE-2009-1552: Unspecified vulnerability in the IGMP driver in SCO Unixware Release 7.1.4 Maintenance Pack 4 allows Unspecified vulnerability in the IGMP driver in SCO Unixware Release 7.1.4 Maintenance Pack 4 allows attackers to cause a denial of service (system panic) via unspecified vectors.
nvd
CVE-1999-0798P4CRITICALCVSS 10.0v7.0v7.0.11998-12-04
CVE-1999-0798 [CRITICAL] CVE-1999-0798: Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type. Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.
nvd
CVE-1999-1252P4HIGHCVSS 7.2v2.0.xv2.1.01996-09-04
CVE-1999-1252 [HIGH] CVE-1999-1252: Vulnerability in a certain system call in SCO UnixWare 2.0.x and 2.1.0 allows local users to access Vulnerability in a certain system call in SCO UnixWare 2.0.x and 2.1.0 allows local users to access arbitrary files and gain root privileges.
nvd
CVE-1999-0017P4HIGHCVSS 7.5v2.11997-12-10
CVE-1999-0017 [HIGH] CVE-1999-0017: FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP clien FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
nvd
CVE-1999-0835P4CRITICALCVSS 10.0v2v71999-11-10
CVE-1999-0835 [CRITICAL] CVE-1999-0835: Denial of service in BIND named via malformed SIG records. Denial of service in BIND named via malformed SIG records.
nvd
CVE-2005-2927P4HIGHCVSS 7.2v7.1.3v7.1.42005-10-25
CVE-2005-2927 [HIGH] CVE-2005-2927: Stack-based buffer overflow in ppp in SCO Unixware 7.1.3 and 7.1.4, and possibly earlier versions, a Stack-based buffer overflow in ppp in SCO Unixware 7.1.3 and 7.1.4, and possibly earlier versions, allows local users to execute arbitrary code via a long argument to the (1) prompt or (2) defprompt command.
nvd
CVE-2003-0658P4MEDIUMCVSS 5.0v7.1.32003-10-20
CVE-2003-0658 [MEDIUM] CVE-2003-0658: Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Ap Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules.
nvd
CVE-2000-0130P4HIGHCVSS 7.2v7.0v7.0.1+1 more2000-01-27
CVE-2000-0130 [HIGH] CVE-2000-0130: Buffer overflow in SCO scohelp program allows remote attackers to execute commands. Buffer overflow in SCO scohelp program allows remote attackers to execute commands.
nvd
CVE-1999-0942P4HIGHCVSS 7.2v7.11999-10-04
CVE-1999-0942 [HIGH] CVE-1999-0942: UnixWare dos7utils allows a local user to gain root privileges by using the STATICMERGE environmenta UnixWare dos7utils allows a local user to gain root privileges by using the STATICMERGE environmental variable to find a script which it executes.
nvd
CVE-2000-0099P4HIGHCVSS 7.2v7.0.0v7.0.1+1 more2000-01-18
CVE-2000-0099 [HIGH] CVE-2000-0099: Buffer overflow in UnixWare ppptalk command allows local users to gain privileges via a long prompt Buffer overflow in UnixWare ppptalk command allows local users to gain privileges via a long prompt argument.
nvd
Sco Unixware vulnerabilities | cvebase