Openserver
by SCO Group
CVEs (74)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2003-0791 | Cri | 0.64 | 9.8 | 0.02 | Oct 7, 2003 | The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed. | ||
| CVE-2004-0079 | Hig | 0.50 | 7.5 | 0.10 | Nov 23, 2004 | The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. | ||
| CVE-2005-0109 | Med | 0.36 | 5.6 | 0.01 | Mar 5, 2005 | Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as… | ||
| CVE-1999-0011 | Med | 0.36 | 5.4 | 0.05 | Apr 8, 1998 | Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer. | ||
| CVE-2001-0797 | 0.10 | — | 0.89 | Dec 12, 2001 | Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin. | |||
| CVE-1999-0128 | 0.09 | — | 0.74 | Dec 18, 1996 | Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death. | |||
| CVE-1999-0368 | 0.06 | — | 0.39 | Feb 9, 1999 | Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto. | |||
| CVE-1999-0153 | 0.05 | — | 0.23 | Jul 1, 1997 | Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke. | |||
| CVE-2006-0072 | 0.03 | — | 0.05 | Jan 4, 2006 | Buffer overflow in termsh on SCO OpenServer 5.0.7 allows remote attackers to execute arbitrary code via a long -o command line argument. NOTE: this is probably a different vulnerability than CVE-2005-0351 since it involves a distinct attack vector. | |||
| CVE-2005-0993 | 0.03 | — | 0.01 | May 2, 2005 | Buffer overflow in nwprint in SCO OpenServer 5.0.7 allows local users to execute arbitrary code via a long command line argument. | |||
| CVE-2004-0390 | 0.03 | — | 0.03 | Dec 31, 2004 | SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style access control when users log in using scologin, which allows remote attackers to gain unauthorized access to an X session via other X login methods. | |||
| CVE-2004-0510 | 0.03 | — | 0.01 | Dec 23, 2004 | Multiple buffer overflows in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to execute arbitrary code, as demonstrated via the execmail program. | |||
| CVE-2004-0511 | 0.03 | — | 0.01 | Dec 23, 2004 | Multiple unknown vulnerabilities in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to cause a denial of service by triggering a null dereference. | |||
| CVE-2001-0576 | 0.03 | — | 0.01 | Aug 22, 2001 | lpusers as included with SCO OpenServer 5.0 through 5.0.6 allows a local attacker to gain additional privileges via a buffer overflow attack in the '-u' command line parameter. | |||
| CVE-2001-0577 | 0.03 | — | 0.01 | Aug 22, 2001 | recon in SCO OpenServer 5.0 through 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow attack in the first command line argument. | |||
| CVE-2001-0575 | 0.03 | — | 0.01 | Aug 22, 2001 | Buffer overflow in lpshut in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a long first argument to lpshut. | |||
| CVE-2001-0579 | 0.03 | — | 0.02 | Aug 22, 2001 | lpadmin in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow attack in the first argument to the command. | |||
| CVE-2001-0578 | 0.03 | — | 0.01 | Aug 22, 2001 | Buffer overflow in lpforms in SCO OpenServer 5.0-5.0.6 can allow a local attacker to gain additional privileges via a long first argument to the lpforms command. | |||
| CVE-2000-0306 | 0.03 | — | 0.04 | Mar 12, 2001 | Buffer overflow in calserver in SCO OpenServer allows remote attackers to gain root access via a long message. | |||
| CVE-1999-0893 | 0.03 | — | 0.01 | Oct 11, 1999 | userOsa in SCO OpenServer allows local users to corrupt files via a symlink attack. |
- risk 0.64cvss 9.8epss 0.02
The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed.
- risk 0.50cvss 7.5epss 0.10
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
- risk 0.36cvss 5.6epss 0.01
Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as…
- risk 0.36cvss 5.4epss 0.05
Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.
- CVE-2001-0797Dec 12, 2001risk 0.10cvss —epss 0.89
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.
- CVE-1999-0128Dec 18, 1996risk 0.09cvss —epss 0.74
Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death.
- CVE-1999-0368Feb 9, 1999risk 0.06cvss —epss 0.39
Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.
- CVE-1999-0153Jul 1, 1997risk 0.05cvss —epss 0.23
Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke.
- CVE-2006-0072Jan 4, 2006risk 0.03cvss —epss 0.05
Buffer overflow in termsh on SCO OpenServer 5.0.7 allows remote attackers to execute arbitrary code via a long -o command line argument. NOTE: this is probably a different vulnerability than CVE-2005-0351 since it involves a distinct attack vector.
- CVE-2005-0993May 2, 2005risk 0.03cvss —epss 0.01
Buffer overflow in nwprint in SCO OpenServer 5.0.7 allows local users to execute arbitrary code via a long command line argument.
- CVE-2004-0390Dec 31, 2004risk 0.03cvss —epss 0.03
SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style access control when users log in using scologin, which allows remote attackers to gain unauthorized access to an X session via other X login methods.
- CVE-2004-0510Dec 23, 2004risk 0.03cvss —epss 0.01
Multiple buffer overflows in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to execute arbitrary code, as demonstrated via the execmail program.
- CVE-2004-0511Dec 23, 2004risk 0.03cvss —epss 0.01
Multiple unknown vulnerabilities in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to cause a denial of service by triggering a null dereference.
- CVE-2001-0576Aug 22, 2001risk 0.03cvss —epss 0.01
lpusers as included with SCO OpenServer 5.0 through 5.0.6 allows a local attacker to gain additional privileges via a buffer overflow attack in the '-u' command line parameter.
- CVE-2001-0577Aug 22, 2001risk 0.03cvss —epss 0.01
recon in SCO OpenServer 5.0 through 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow attack in the first command line argument.
- CVE-2001-0575Aug 22, 2001risk 0.03cvss —epss 0.01
Buffer overflow in lpshut in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a long first argument to lpshut.
- CVE-2001-0579Aug 22, 2001risk 0.03cvss —epss 0.02
lpadmin in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow attack in the first argument to the command.
- CVE-2001-0578Aug 22, 2001risk 0.03cvss —epss 0.01
Buffer overflow in lpforms in SCO OpenServer 5.0-5.0.6 can allow a local attacker to gain additional privileges via a long first argument to the lpforms command.
- CVE-2000-0306Mar 12, 2001risk 0.03cvss —epss 0.04
Buffer overflow in calserver in SCO OpenServer allows remote attackers to gain root access via a long message.
- CVE-1999-0893Oct 11, 1999risk 0.03cvss —epss 0.01
userOsa in SCO OpenServer allows local users to corrupt files via a symlink attack.
Page 1 of 4