Unixware
by SCO Group
CVEs (68)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-1999-0866 | 0.03 | — | 0.01 | Dec 3, 1999 | Buffer overflow in UnixWare xauto program allows local users to gain root privilege. | |||
| CVE-1999-0825 | 0.03 | — | 0.01 | Dec 3, 1999 | The default permissions for UnixWare /var/mail allow local users to read and modify other users' mail. | |||
| CVE-1999-0828 | 0.03 | — | 0.01 | Dec 2, 1999 | UnixWare pkg commands such as pkginfo, pkgcat, and pkgparam allow local users to read arbitrary files via the dacread permission. | |||
| CVE-1999-0845 | 0.03 | — | 0.01 | Nov 25, 1999 | Buffer overflow in SCO su program allows local users to gain root access via a long username. | |||
| CVE-1999-0830 | 0.03 | — | 0.01 | Nov 1, 1999 | Buffer overflow in SCO UnixWare Xsco command via a long argument. | |||
| CVE-1999-0836 | 0.03 | — | 0.03 | Dec 2, 1998 | UnixWare uidadmin allows local users to modify arbitrary files via a symlink attack. | |||
| CVE-1999-0023 | 0.03 | — | 0.01 | Jul 24, 1996 | Local user gains root privileges via buffer overflow in rdist, via lookup() function. | |||
| CVE-2004-1307 | 0.01 | — | 0.06 | Dec 21, 2004 | Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a… | |||
| CVE-2009-1552 | 0.00 | — | 0.01 | May 6, 2009 | Unspecified vulnerability in the IGMP driver in SCO Unixware Release 7.1.4 Maintenance Pack 4 allows attackers to cause a denial of service (system panic) via unspecified vectors. | |||
| CVE-2005-3903 | 0.00 | — | 0.01 | Dec 14, 2005 | Buffer overflow in uidadmin in SCO Unixware 7.1.3 and 7.1.4 allows local users to execute arbitrary code via a -S (scheme) argument that specifies a large file, a different vulnerability than CVE-2001-1063. | |||
| CVE-2005-2927 | 0.00 | — | 0.00 | Oct 25, 2005 | Stack-based buffer overflow in ppp in SCO Unixware 7.1.3 and 7.1.4, and possibly earlier versions, allows local users to execute arbitrary code via a long argument to the (1) prompt or (2) defprompt command. | |||
| CVE-2005-2132 | 0.00 | — | 0.01 | Aug 3, 2005 | RPC portmapper (rpcbind) in SCO UnixWare 7.1.1 m5, 7.1.3 mp5, and 7.1.4 mp2 allows remote attackers or local users to cause a denial of service (lack of response) via multiple invalid portmap requests. | |||
| CVE-2005-0134 | 0.00 | — | 0.00 | May 18, 2005 | The X server in SCO UnixWare 7.1.1, 7.1.3, and 7.1.4 does not properly create socket directories in /tmp, which could allow attackers to hijack local sockets. | |||
| CVE-2004-1039 | 0.00 | — | 0.02 | Jan 11, 2005 | The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, when run from inetd, allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests, which causes inetd to launch a separate process for each… | |||
| CVE-2004-1124 | 0.00 | — | 0.00 | Jan 14, 2004 | Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the chroot jail and conduct unauthorized activities. | |||
| CVE-2003-0914 | 0.00 | — | 0.03 | Dec 15, 2003 | ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value. | |||
| CVE-2003-0937 | 0.00 | — | 0.00 | Dec 15, 2003 | SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to bypass protections for the "as" address space file for a process ID (PID) by obtaining a procfs file descriptor for the file and calling execve() on a setuid or setgid program, which leaves the descriptor open… | |||
| CVE-2003-0658 | 0.00 | — | 0.02 | Oct 20, 2003 | Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules. | |||
| CVE-2002-1998 | 0.00 | — | 0.03 | Dec 31, 2002 | Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows remote attackers to execute arbitrary commands via a long parameter to rtable_create (procedure 21). | |||
| CVE-2002-1323 | 0.00 | — | 0.00 | Dec 11, 2002 | Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls. |
- CVE-1999-0866Dec 3, 1999risk 0.03cvss —epss 0.01
Buffer overflow in UnixWare xauto program allows local users to gain root privilege.
- CVE-1999-0825Dec 3, 1999risk 0.03cvss —epss 0.01
The default permissions for UnixWare /var/mail allow local users to read and modify other users' mail.
- CVE-1999-0828Dec 2, 1999risk 0.03cvss —epss 0.01
UnixWare pkg commands such as pkginfo, pkgcat, and pkgparam allow local users to read arbitrary files via the dacread permission.
- CVE-1999-0845Nov 25, 1999risk 0.03cvss —epss 0.01
Buffer overflow in SCO su program allows local users to gain root access via a long username.
- CVE-1999-0830Nov 1, 1999risk 0.03cvss —epss 0.01
Buffer overflow in SCO UnixWare Xsco command via a long argument.
- CVE-1999-0836Dec 2, 1998risk 0.03cvss —epss 0.03
UnixWare uidadmin allows local users to modify arbitrary files via a symlink attack.
- CVE-1999-0023Jul 24, 1996risk 0.03cvss —epss 0.01
Local user gains root privileges via buffer overflow in rdist, via lookup() function.
- CVE-2004-1307Dec 21, 2004risk 0.01cvss —epss 0.06
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a…
- CVE-2009-1552May 6, 2009risk 0.00cvss —epss 0.01
Unspecified vulnerability in the IGMP driver in SCO Unixware Release 7.1.4 Maintenance Pack 4 allows attackers to cause a denial of service (system panic) via unspecified vectors.
- CVE-2005-3903Dec 14, 2005risk 0.00cvss —epss 0.01
Buffer overflow in uidadmin in SCO Unixware 7.1.3 and 7.1.4 allows local users to execute arbitrary code via a -S (scheme) argument that specifies a large file, a different vulnerability than CVE-2001-1063.
- CVE-2005-2927Oct 25, 2005risk 0.00cvss —epss 0.00
Stack-based buffer overflow in ppp in SCO Unixware 7.1.3 and 7.1.4, and possibly earlier versions, allows local users to execute arbitrary code via a long argument to the (1) prompt or (2) defprompt command.
- CVE-2005-2132Aug 3, 2005risk 0.00cvss —epss 0.01
RPC portmapper (rpcbind) in SCO UnixWare 7.1.1 m5, 7.1.3 mp5, and 7.1.4 mp2 allows remote attackers or local users to cause a denial of service (lack of response) via multiple invalid portmap requests.
- CVE-2005-0134May 18, 2005risk 0.00cvss —epss 0.00
The X server in SCO UnixWare 7.1.1, 7.1.3, and 7.1.4 does not properly create socket directories in /tmp, which could allow attackers to hijack local sockets.
- CVE-2004-1039Jan 11, 2005risk 0.00cvss —epss 0.02
The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, when run from inetd, allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests, which causes inetd to launch a separate process for each…
- CVE-2004-1124Jan 14, 2004risk 0.00cvss —epss 0.00
Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the chroot jail and conduct unauthorized activities.
- CVE-2003-0914Dec 15, 2003risk 0.00cvss —epss 0.03
ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.
- CVE-2003-0937Dec 15, 2003risk 0.00cvss —epss 0.00
SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to bypass protections for the "as" address space file for a process ID (PID) by obtaining a procfs file descriptor for the file and calling execve() on a setuid or setgid program, which leaves the descriptor open…
- CVE-2003-0658Oct 20, 2003risk 0.00cvss —epss 0.02
Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules.
- CVE-2002-1998Dec 31, 2002risk 0.00cvss —epss 0.03
Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows remote attackers to execute arbitrary commands via a long parameter to rtable_create (procedure 21).
- CVE-2002-1323Dec 11, 2002risk 0.00cvss —epss 0.00
Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.
Page 2 of 4