VYPR

Unixware

by SCO Group

CVEs (68)

  • CVE-1999-0866Dec 3, 1999
    risk 0.03cvss epss 0.01

    Buffer overflow in UnixWare xauto program allows local users to gain root privilege.

  • CVE-1999-0825Dec 3, 1999
    risk 0.03cvss epss 0.01

    The default permissions for UnixWare /var/mail allow local users to read and modify other users' mail.

  • CVE-1999-0828Dec 2, 1999
    risk 0.03cvss epss 0.01

    UnixWare pkg commands such as pkginfo, pkgcat, and pkgparam allow local users to read arbitrary files via the dacread permission.

  • CVE-1999-0845Nov 25, 1999
    risk 0.03cvss epss 0.01

    Buffer overflow in SCO su program allows local users to gain root access via a long username.

  • CVE-1999-0830Nov 1, 1999
    risk 0.03cvss epss 0.01

    Buffer overflow in SCO UnixWare Xsco command via a long argument.

  • CVE-1999-0836Dec 2, 1998
    risk 0.03cvss epss 0.03

    UnixWare uidadmin allows local users to modify arbitrary files via a symlink attack.

  • CVE-1999-0023Jul 24, 1996
    risk 0.03cvss epss 0.01

    Local user gains root privileges via buffer overflow in rdist, via lookup() function.

  • CVE-2004-1307Dec 21, 2004
    risk 0.01cvss epss 0.06

    Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a…

  • CVE-2009-1552May 6, 2009
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the IGMP driver in SCO Unixware Release 7.1.4 Maintenance Pack 4 allows attackers to cause a denial of service (system panic) via unspecified vectors.

  • CVE-2005-3903Dec 14, 2005
    risk 0.00cvss epss 0.01

    Buffer overflow in uidadmin in SCO Unixware 7.1.3 and 7.1.4 allows local users to execute arbitrary code via a -S (scheme) argument that specifies a large file, a different vulnerability than CVE-2001-1063.

  • CVE-2005-2927Oct 25, 2005
    risk 0.00cvss epss 0.00

    Stack-based buffer overflow in ppp in SCO Unixware 7.1.3 and 7.1.4, and possibly earlier versions, allows local users to execute arbitrary code via a long argument to the (1) prompt or (2) defprompt command.

  • CVE-2005-2132Aug 3, 2005
    risk 0.00cvss epss 0.01

    RPC portmapper (rpcbind) in SCO UnixWare 7.1.1 m5, 7.1.3 mp5, and 7.1.4 mp2 allows remote attackers or local users to cause a denial of service (lack of response) via multiple invalid portmap requests.

  • CVE-2005-0134May 18, 2005
    risk 0.00cvss epss 0.00

    The X server in SCO UnixWare 7.1.1, 7.1.3, and 7.1.4 does not properly create socket directories in /tmp, which could allow attackers to hijack local sockets.

  • CVE-2004-1039Jan 11, 2005
    risk 0.00cvss epss 0.02

    The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, when run from inetd, allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests, which causes inetd to launch a separate process for each…

  • CVE-2004-1124Jan 14, 2004
    risk 0.00cvss epss 0.00

    Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the chroot jail and conduct unauthorized activities.

  • CVE-2003-0914Dec 15, 2003
    risk 0.00cvss epss 0.03

    ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.

  • CVE-2003-0937Dec 15, 2003
    risk 0.00cvss epss 0.00

    SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to bypass protections for the "as" address space file for a process ID (PID) by obtaining a procfs file descriptor for the file and calling execve() on a setuid or setgid program, which leaves the descriptor open…

  • CVE-2003-0658Oct 20, 2003
    risk 0.00cvss epss 0.02

    Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules.

  • CVE-2002-1998Dec 31, 2002
    risk 0.00cvss epss 0.03

    Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows remote attackers to execute arbitrary commands via a long parameter to rtable_create (procedure 21).

  • CVE-2002-1323Dec 11, 2002
    risk 0.00cvss epss 0.00

    Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.