Sco Unixware vulnerabilities
64 known vulnerabilities affecting sco/unixware.
Total CVEs
64
CISA KEV
0
Public exploits
25
Exploited in wild
0
Severity breakdown
CRITICAL8HIGH25MEDIUM24LOW7
Vulnerabilities
Page 3 of 4
CVE-1999-0988HIGHCVSS 7.2PoCv2.0v2.0.3+6 more1999-12-04
CVE-1999-0988 [HIGH] CVE-1999-0988: UnixWare pkgtrans allows local users to read arbitrary files via a symlink attack.
UnixWare pkgtrans allows local users to read arbitrary files via a symlink attack.
nvd
CVE-1999-0864HIGHCVSS 7.2PoCv7.0v7.0.1+2 more1999-12-03
CVE-1999-0864 [HIGH] CVE-1999-0864: UnixWare programs that dump core allow a local user to modify files via a symlink attack on the ./co
UnixWare programs that dump core allow a local user to modify files via a symlink attack on the ./core.pid file.
nvd
CVE-1999-0866HIGHCVSS 7.2PoCv7.0v7.0.1+2 more1999-12-03
CVE-1999-0866 [HIGH] CVE-1999-0866: Buffer overflow in UnixWare xauto program allows local users to gain root privilege.
Buffer overflow in UnixWare xauto program allows local users to gain root privilege.
nvd
CVE-1999-0825LOWCVSS 3.6PoCv7.0v7.0.1+1 more1999-12-03
CVE-1999-0825 [LOW] CVE-1999-0825: The default permissions for UnixWare /var/mail allow local users to read and modify other users' mai
The default permissions for UnixWare /var/mail allow local users to read and modify other users' mail.
nvd
CVE-1999-0828LOWCVSS 3.6PoCv7.0v7.11999-12-02
CVE-1999-0828 [LOW] CVE-1999-0828: UnixWare pkg commands such as pkginfo, pkgcat, and pkgparam allow local users to read arbitrary file
UnixWare pkg commands such as pkginfo, pkgcat, and pkgparam allow local users to read arbitrary files via the dacread permission.
nvd
CVE-1999-0845HIGHCVSS 7.2PoCv7.01999-11-25
CVE-1999-0845 [HIGH] CVE-1999-0845: Buffer overflow in SCO su program allows local users to gain root access via a long username.
Buffer overflow in SCO su program allows local users to gain root access via a long username.
nvd
CVE-1999-0835CRITICALCVSS 10.0v2v71999-11-10
CVE-1999-0835 [CRITICAL] CVE-1999-0835: Denial of service in BIND named via malformed SIG records.
Denial of service in BIND named via malformed SIG records.
nvd
CVE-1999-0830HIGHCVSS 7.2PoCv7.01999-11-01
CVE-1999-0830 [HIGH] CVE-1999-0830: Buffer overflow in SCO UnixWare Xsco command via a long argument.
Buffer overflow in SCO UnixWare Xsco command via a long argument.
nvd
CVE-1999-0942HIGHCVSS 7.2v7.11999-10-04
CVE-1999-0942 [HIGH] CVE-1999-0942: UnixWare dos7utils allows a local user to gain root privileges by using the STATICMERGE environmenta
UnixWare dos7utils allows a local user to gain root privileges by using the STATICMERGE environmental variable to find a script which it executes.
nvd
CVE-1999-0368CRITICALCVSS 10.0PoCv7.0v7.0.11999-02-09
CVE-1999-0368 [CRITICAL] CVE-1999-0368: Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto
Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.
nvd
CVE-1999-1450HIGHCVSS 7.5≤ 2.1.3≤ 7.0.11999-01-27
CVE-1999-1450 [HIGH] CVE-1999-1450: Vulnerability in (1) rlogin daemon rshd and (2) scheme on SCO UNIX OpenServer 5.0.5 and earlier, and
Vulnerability in (1) rlogin daemon rshd and (2) scheme on SCO UNIX OpenServer 5.0.5 and earlier, and SCO UnixWare 7.0.1 and earlier, allows remote attackers to gain privileges.
nvd
CVE-1999-0798CRITICALCVSS 10.0v7.0v7.0.11998-12-04
CVE-1999-0798 [CRITICAL] CVE-1999-0798: Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.
Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.
nvd
CVE-1999-0836CRITICALCVSS 10.0PoCv7.0v7.0.1+2 more1998-12-02
CVE-1999-0836 [CRITICAL] CVE-1999-0836: UnixWare uidadmin allows local users to modify arbitrary files via a symlink attack.
UnixWare uidadmin allows local users to modify arbitrary files via a symlink attack.
nvd
CVE-1999-0009CRITICALCVSS 10.0PoCv2.1v7.01998-04-08
CVE-1999-0009 [CRITICAL] CVE-1999-0009: Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.
nvd
CVE-1999-0011MEDIUMCVSS 5.4v2.1v7.01998-04-08
CVE-1999-0011 [MEDIUM] CWE-1067 CVE-1999-0011: Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer
Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.
nvd
CVE-1999-0010MEDIUMCVSS 5.0v2.1v7.01998-04-08
CVE-1999-0010 [MEDIUM] CVE-1999-0010: Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.
Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.
nvd
CVE-1999-0004MEDIUMCVSS 5.0v7.01997-12-16
CVE-1999-0004 [MEDIUM] CVE-1999-0004: MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook.
MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook.
nvd
CVE-1999-0017HIGHCVSS 7.5v2.11997-12-10
CVE-1999-0017 [HIGH] CVE-1999-0017: FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP clien
FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
nvd
CVE-1999-0024MEDIUMCVSS 5.0v2.11997-08-13
CVE-1999-0024 [MEDIUM] CVE-1999-0024: DNS cache poisoning via BIND, by predictable query IDs.
DNS cache poisoning via BIND, by predictable query IDs.
nvd
CVE-1999-0033HIGHCVSS 7.2v2.1v3.2v41997-06-12
CVE-1999-0033 [HIGH] CVE-1999-0033: Command execution in Sun systems via buffer overflow in the at program.
Command execution in Sun systems via buffer overflow in the at program.
nvd