cbcvebase.

Sco Unixware vulnerabilities

64 known vulnerabilities affecting sco/unixware.

Total CVEs
64
CISA KEV
0
Public exploits
25
Exploited in wild
0
Severity breakdown
CRITICAL8HIGH25MEDIUM24LOW7

Vulnerabilities

Page 3 of 4
CVE-2000-0842P4MEDIUMCVSS 5.0v7.02000-11-14
CVE-2000-0842 [MEDIUM] CVE-2000-0842: The search97cgi/vtopic" in the UnixWare 7 scohelphttp webserver allows remote attackers to read arbi The search97cgi/vtopic" in the UnixWare 7 scohelphttp webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack.
nvd
CVE-2003-0914P4MEDIUMCVSS 4.3v7.1.12003-12-15
CVE-2003-0914 [MEDIUM] CVE-2003-0914: ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.
nvd
CVE-2000-0215P4HIGHCVSS 7.2v7.0v7.0.1+2 more2000-02-08
CVE-2000-0215 [HIGH] CVE-2000-0215: Vulnerability in SCO cu program in UnixWare 7.x allows local users to gain privileges. Vulnerability in SCO cu program in UnixWare 7.x allows local users to gain privileges.
nvd
CVE-2004-1039P4MEDIUMCVSS 5.0v7.1.1v7.1.3+1 more2005-01-11
CVE-2004-1039 [MEDIUM] CVE-2004-1039: The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, when run from inetd, allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests, which causes inetd to launch a separate process for each request.
nvd
CVE-1999-0033P4HIGHCVSS 7.2v2.1v3.2v41997-06-12
CVE-1999-0033 [HIGH] CVE-1999-0033: Command execution in Sun systems via buffer overflow in the at program. Command execution in Sun systems via buffer overflow in the at program.
nvd
CVE-1999-0024P4MEDIUMCVSS 5.0v2.11997-08-13
CVE-1999-0024 [MEDIUM] CVE-1999-0024: DNS cache poisoning via BIND, by predictable query IDs. DNS cache poisoning via BIND, by predictable query IDs.
nvd
CVE-2005-3903P4MEDIUMCVSS 4.6v7.1.3v7.1.42005-12-14
CVE-2005-3903 [MEDIUM] CVE-2005-3903: Buffer overflow in uidadmin in SCO Unixware 7.1.3 and 7.1.4 allows local users to execute arbitrary Buffer overflow in uidadmin in SCO Unixware 7.1.3 and 7.1.4 allows local users to execute arbitrary code via a -S (scheme) argument that specifies a large file, a different vulnerability than CVE-2001-1063.
nvd
CVE-1999-0004P4MEDIUMCVSS 5.0v7.01997-12-16
CVE-1999-0004 [MEDIUM] CVE-1999-0004: MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook. MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook.
nvd
CVE-2000-0173P4MEDIUMCVSS 5.0v7.1v7.1.12000-03-10
CVE-2000-0173 [MEDIUM] CVE-2000-0173: Vulnerability in the EELS system in SCO UnixWare 7.1.x allows remote attackers to cause a denial of Vulnerability in the EELS system in SCO UnixWare 7.1.x allows remote attackers to cause a denial of service.
nvd
CVE-2001-1579P4MEDIUMCVSS 5.0v72001-12-31
CVE-2001-1579 [MEDIUM] CVE-2001-1579: The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not properly terminate certain st The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not properly terminate certain strings with a null, which allows remote attackers to cause a denial of service.
nvd
CVE-2000-0307P4MEDIUMCVSS 5.0≤ 2.1.32001-03-12
CVE-2000-0307 [MEDIUM] CVE-2000-0307: Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and earlier allows an attacker to Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and earlier allows an attacker to cause a denial of service which prevents access to reserved port numbers below 1024.
nvd
CVE-1999-0011P4MEDIUMCVSS 5.4v2.1v7.01998-04-08
CVE-1999-0011 [MEDIUM] CWE-1067 CVE-1999-0011: Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.
nvd
CVE-2000-0029P4MEDIUMCVSS 4.6v7.11999-12-27
CVE-2000-0029 [MEDIUM] CVE-2000-0029: UnixWare pis and mkpis commands allow local users to gain privileges via a symlink attack. UnixWare pis and mkpis commands allow local users to gain privileges via a symlink attack.
nvd
CVE-1999-0010P4MEDIUMCVSS 5.0v2.1v7.01998-04-08
CVE-1999-0010 [MEDIUM] CVE-1999-0010: Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages. Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.
nvd
CVE-2005-0109P4MEDIUMCVSS 5.6v7.1.3v7.1.3_up+1 more2005-03-05
CVE-2005-0109 [MEDIUM] CVE-2005-0109: Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pen Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.
nvd
CVE-1999-0078P4LOWCVSS 1.9v2.11996-04-18
CVE-1999-0078 [LOW] CVE-1999-0078: pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call.
nvd
CVE-1999-0019P4MEDIUMCVSS 5.0v21996-04-24
CVE-1999-0019 [MEDIUM] CVE-1999-0019: Delete or create a file via rpc.statd, due to invalid information. Delete or create a file via rpc.statd, due to invalid information.
nvd
CVE-2000-0349P4MEDIUMCVSS 5.0≤ 7.1.02001-03-12
CVE-2000-0349 [MEDIUM] CVE-2000-0349: Vulnerability in the passthru driver in SCO UnixWare 7.1.0 allows an attacker to cause a denial of s Vulnerability in the passthru driver in SCO UnixWare 7.1.0 allows an attacker to cause a denial of service.
nvd
CVE-2005-0134P4MEDIUMCVSS 4.6v7.1.1v7.1.3+1 more2005-05-18
CVE-2005-0134 [MEDIUM] CVE-2005-0134: The X server in SCO UnixWare 7.1.1, 7.1.3, and 7.1.4 does not properly create socket directories in The X server in SCO UnixWare 7.1.1, 7.1.3, and 7.1.4 does not properly create socket directories in /tmp, which could allow attackers to hijack local sockets.
nvd
CVE-2000-0351P4MEDIUMCVSS 4.6≤ 7.1.02001-03-12
CVE-2000-0351 [MEDIUM] CVE-2000-0351: Some packaging commands in SCO UnixWare 7.1.0 have insecure privileges, which allows local users to Some packaging commands in SCO UnixWare 7.1.0 have insecure privileges, which allows local users to add or remove software packages.
nvd
Sco Unixware vulnerabilities | cvebase