Sco Unixware vulnerabilities
64 known vulnerabilities affecting sco/unixware.
Total CVEs
64
CISA KEV
0
Public exploits
25
Exploited in wild
0
Severity breakdown
CRITICAL8HIGH25MEDIUM24LOW7
Vulnerabilities
Page 2 of 4
CVE-2004-1307P3HIGHCVSS 7.5v7.1.42004-12-21
CVE-2004-1307 [HIGH] CVE-2004-1307: Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remot
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow.
nvd
CVE-2000-0224P4LOWCVSS 1.2PoCv7.1v7.1.12000-02-15
CVE-2000-0224 [LOW] CVE-2000-0224: ARCserve agent in SCO UnixWare 7.x allows local attackers to gain root privileges via a symlink atta
ARCserve agent in SCO UnixWare 7.x allows local attackers to gain root privileges via a symlink attack.
nvd
CVE-2000-0348P4CRITICALCVSS 10.0≤ 7.1.02001-03-12
CVE-2000-0348 [CRITICAL] CVE-2000-0348: A vulnerability in the Sendmail configuration file sendmail.cf as installed in SCO UnixWare 7.1.0 an
A vulnerability in the Sendmail configuration file sendmail.cf as installed in SCO UnixWare 7.1.0 and earlier allows an attacker to gain root privileges.
nvd
CVE-2000-0308P4CRITICALCVSS 10.0≤ 2.1.3v7.02001-03-12
CVE-2000-0308 [CRITICAL] CVE-2000-0308: Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server
Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3 allow an attacker to gain root privileges.
nvd
CVE-1999-0828P4LOWCVSS 3.6PoCv7.0v7.11999-12-02
CVE-1999-0828 [LOW] CVE-1999-0828: UnixWare pkg commands such as pkginfo, pkgcat, and pkgparam allow local users to read arbitrary file
UnixWare pkg commands such as pkginfo, pkgcat, and pkgparam allow local users to read arbitrary files via the dacread permission.
nvd
CVE-2004-0996P4LOWCVSS 2.1PoCv7.1.1v7.1.3+1 more2005-01-10
CVE-2004-0996 [LOW] CVE-2004-0996: main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows loca
main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.
nvd
CVE-2000-0154P4LOWCVSS 1.2PoCv7.1v7.1.12000-02-16
CVE-2000-0154 [LOW] CVE-2000-0154: The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack
The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack.
nvd
CVE-2002-1998P4HIGHCVSS 7.5v7.1.12002-12-31
CVE-2002-1998 [HIGH] CVE-2002-1998: Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows remote attackers to exe
Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows remote attackers to execute arbitrary commands via a long parameter to rtable_create (procedure 21).
nvd
CVE-1999-1450P4HIGHCVSS 7.5≤ 2.1.3≤ 7.0.11999-01-27
CVE-1999-1450 [HIGH] CVE-1999-1450: Vulnerability in (1) rlogin daemon rshd and (2) scheme on SCO UNIX OpenServer 5.0.5 and earlier, and
Vulnerability in (1) rlogin daemon rshd and (2) scheme on SCO UNIX OpenServer 5.0.5 and earlier, and SCO UnixWare 7.0.1 and earlier, allows remote attackers to gain privileges.
nvd
CVE-1999-0825P4LOWCVSS 3.6PoCv7.0v7.0.1+1 more1999-12-03
CVE-1999-0825 [LOW] CVE-1999-0825: The default permissions for UnixWare /var/mail allow local users to read and modify other users' mai
The default permissions for UnixWare /var/mail allow local users to read and modify other users' mail.
nvd
CVE-2009-1552P4HIGHCVSS 7.8v7.1.42009-05-06
CVE-2009-1552 [HIGH] CVE-2009-1552: Unspecified vulnerability in the IGMP driver in SCO Unixware Release 7.1.4 Maintenance Pack 4 allows
Unspecified vulnerability in the IGMP driver in SCO Unixware Release 7.1.4 Maintenance Pack 4 allows attackers to cause a denial of service (system panic) via unspecified vectors.
nvd
CVE-1999-0798P4CRITICALCVSS 10.0v7.0v7.0.11998-12-04
CVE-1999-0798 [CRITICAL] CVE-1999-0798: Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.
Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.
nvd
CVE-1999-1252P4HIGHCVSS 7.2v2.0.xv2.1.01996-09-04
CVE-1999-1252 [HIGH] CVE-1999-1252: Vulnerability in a certain system call in SCO UnixWare 2.0.x and 2.1.0 allows local users to access
Vulnerability in a certain system call in SCO UnixWare 2.0.x and 2.1.0 allows local users to access arbitrary files and gain root privileges.
nvd
CVE-1999-0017P4HIGHCVSS 7.5v2.11997-12-10
CVE-1999-0017 [HIGH] CVE-1999-0017: FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP clien
FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
nvd
CVE-1999-0835P4CRITICALCVSS 10.0v2v71999-11-10
CVE-1999-0835 [CRITICAL] CVE-1999-0835: Denial of service in BIND named via malformed SIG records.
Denial of service in BIND named via malformed SIG records.
nvd
CVE-2005-2927P4HIGHCVSS 7.2v7.1.3v7.1.42005-10-25
CVE-2005-2927 [HIGH] CVE-2005-2927: Stack-based buffer overflow in ppp in SCO Unixware 7.1.3 and 7.1.4, and possibly earlier versions, a
Stack-based buffer overflow in ppp in SCO Unixware 7.1.3 and 7.1.4, and possibly earlier versions, allows local users to execute arbitrary code via a long argument to the (1) prompt or (2) defprompt command.
nvd
CVE-2003-0658P4MEDIUMCVSS 5.0v7.1.32003-10-20
CVE-2003-0658 [MEDIUM] CVE-2003-0658: Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Ap
Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules.
nvd
CVE-2000-0130P4HIGHCVSS 7.2v7.0v7.0.1+1 more2000-01-27
CVE-2000-0130 [HIGH] CVE-2000-0130: Buffer overflow in SCO scohelp program allows remote attackers to execute commands.
Buffer overflow in SCO scohelp program allows remote attackers to execute commands.
nvd
CVE-1999-0942P4HIGHCVSS 7.2v7.11999-10-04
CVE-1999-0942 [HIGH] CVE-1999-0942: UnixWare dos7utils allows a local user to gain root privileges by using the STATICMERGE environmenta
UnixWare dos7utils allows a local user to gain root privileges by using the STATICMERGE environmental variable to find a script which it executes.
nvd
CVE-2000-0099P4HIGHCVSS 7.2v7.0.0v7.0.1+1 more2000-01-18
CVE-2000-0099 [HIGH] CVE-2000-0099: Buffer overflow in UnixWare ppptalk command allows local users to gain privileges via a long prompt
Buffer overflow in UnixWare ppptalk command allows local users to gain privileges via a long prompt argument.
nvd