Openserver
by SCO Group
CVEs (74)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2002-0716 | 0.00 | — | 0.00 | Jul 26, 2002 | Format string vulnerability in crontab for SCO OpenServer 5.0.5 and 5.0.6 allows local users to gain privileges via format string specifiers in the file name argument. | |||
| CVE-1999-1570 | 0.00 | — | 0.00 | May 1, 2002 | Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain root privileges via a long -o parameter. | |||
| CVE-2001-1508 | 0.00 | — | 0.00 | Dec 31, 2001 | Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a allows local users to execute arbitrary code as group bin via a long command line argument. | |||
| CVE-2001-1578 | 0.00 | — | 0.00 | Dec 31, 2001 | Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local users to modify critical information such as certain CPU registers and segment descriptors. | |||
| CVE-2001-0896 | 0.00 | — | 0.02 | Nov 30, 2001 | Inetd in OpenServer 5.0.5 allows remote attackers to cause a denial of service (crash) via a port scan, e.g. with nmap -PO. | |||
| CVE-2001-1062 | 0.00 | — | 0.00 | Aug 31, 2001 | Buffer overflow in mana in OpenServer 5.0.6a and earlier allows local users to execute arbitrary code. | |||
| CVE-2001-0587 | 0.00 | — | 0.01 | Aug 22, 2001 | deliver program in MMDF 2.43.3b in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow in the first argument to the command. | |||
| CVE-2001-0588 | 0.00 | — | 0.00 | Aug 22, 2001 | sendmail 8.9.3, as included with the MMDF 2.43.3b package in SCO OpenServer 5.0.6, can allow a local attacker to gain additional privileges via a buffer overflow in the first argument to the command. | |||
| CVE-2001-0627 | 0.00 | — | 0.00 | Aug 22, 2001 | vi as included with SCO OpenServer 5.0 - 5.0.6 allows a local attacker to overwrite arbitrary files via a symlink attack. | |||
| CVE-2001-1148 | 0.00 | — | 0.00 | Jun 13, 2001 | Multiple buffer overflows in programs used by scoadmin and sysadmsh in SCO OpenServer 5.0.6a and earlier allow local users to gain privileges via a long TERM environment variable to (1) atcronsh, (2) auditsh, (3) authsh, (4) backupsh, (5) lpsh, (6) sysadm.menu, or (7) termsh. | |||
| CVE-2000-0307 | 0.00 | — | 0.01 | Mar 12, 2001 | Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and earlier allows an attacker to cause a denial of service which prevents access to reserved port numbers below 1024. | |||
| CVE-2000-0158 | 0.00 | — | 0.02 | Feb 16, 2000 | Buffer overflow in MMDF server allows remote attackers to gain privileges via a long MAIL FROM command to the SMTP daemon. | |||
| CVE-2000-0147 | 0.00 | — | 0.00 | Feb 8, 2000 | snmpd in SCO OpenServer has an SNMP community string that is writable by default, which allows local attackers to modify the host's configuration. | |||
| CVE-1999-0851 | 0.00 | — | 0.00 | Nov 10, 1999 | Denial of service in BIND named via naptr. | |||
| CVE-1999-0835 | 0.00 | — | 0.01 | Nov 10, 1999 | Denial of service in BIND named via malformed SIG records. | |||
| CVE-1999-1571 | 0.00 | — | 0.00 | Nov 4, 1999 | Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5 may allow local users to gain root privileges via a long -f parameter, a different vulnerability than CVE-1999-1570. | |||
| CVE-1999-0697 | 0.00 | — | 0.00 | Sep 9, 1999 | SCO Doctor allows local users to gain root privileges through a Tools option. | |||
| CVE-1999-0411 | 0.00 | — | 0.00 | Mar 7, 1999 | Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p, including S84rpcinit, S95nis, S85tcp, and S89nfs, are vulnerable to a symlink attack, allowing a local user to gain root access. | |||
| CVE-1999-0476 | 0.00 | — | 0.00 | Mar 1, 1999 | A weak encryption algorithm is used for passwords in SCO TermVision, allowing them to be easily decrypted by a local user. | |||
| CVE-1999-1450 | 0.00 | — | 0.02 | Jan 27, 1999 | Vulnerability in (1) rlogin daemon rshd and (2) scheme on SCO UNIX OpenServer 5.0.5 and earlier, and SCO UnixWare 7.0.1 and earlier, allows remote attackers to gain privileges. |
- CVE-2002-0716Jul 26, 2002risk 0.00cvss —epss 0.00
Format string vulnerability in crontab for SCO OpenServer 5.0.5 and 5.0.6 allows local users to gain privileges via format string specifiers in the file name argument.
- CVE-1999-1570May 1, 2002risk 0.00cvss —epss 0.00
Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain root privileges via a long -o parameter.
- CVE-2001-1508Dec 31, 2001risk 0.00cvss —epss 0.00
Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a allows local users to execute arbitrary code as group bin via a long command line argument.
- CVE-2001-1578Dec 31, 2001risk 0.00cvss —epss 0.00
Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local users to modify critical information such as certain CPU registers and segment descriptors.
- CVE-2001-0896Nov 30, 2001risk 0.00cvss —epss 0.02
Inetd in OpenServer 5.0.5 allows remote attackers to cause a denial of service (crash) via a port scan, e.g. with nmap -PO.
- CVE-2001-1062Aug 31, 2001risk 0.00cvss —epss 0.00
Buffer overflow in mana in OpenServer 5.0.6a and earlier allows local users to execute arbitrary code.
- CVE-2001-0587Aug 22, 2001risk 0.00cvss —epss 0.01
deliver program in MMDF 2.43.3b in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow in the first argument to the command.
- CVE-2001-0588Aug 22, 2001risk 0.00cvss —epss 0.00
sendmail 8.9.3, as included with the MMDF 2.43.3b package in SCO OpenServer 5.0.6, can allow a local attacker to gain additional privileges via a buffer overflow in the first argument to the command.
- CVE-2001-0627Aug 22, 2001risk 0.00cvss —epss 0.00
vi as included with SCO OpenServer 5.0 - 5.0.6 allows a local attacker to overwrite arbitrary files via a symlink attack.
- CVE-2001-1148Jun 13, 2001risk 0.00cvss —epss 0.00
Multiple buffer overflows in programs used by scoadmin and sysadmsh in SCO OpenServer 5.0.6a and earlier allow local users to gain privileges via a long TERM environment variable to (1) atcronsh, (2) auditsh, (3) authsh, (4) backupsh, (5) lpsh, (6) sysadm.menu, or (7) termsh.
- CVE-2000-0307Mar 12, 2001risk 0.00cvss —epss 0.01
Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and earlier allows an attacker to cause a denial of service which prevents access to reserved port numbers below 1024.
- CVE-2000-0158Feb 16, 2000risk 0.00cvss —epss 0.02
Buffer overflow in MMDF server allows remote attackers to gain privileges via a long MAIL FROM command to the SMTP daemon.
- CVE-2000-0147Feb 8, 2000risk 0.00cvss —epss 0.00
snmpd in SCO OpenServer has an SNMP community string that is writable by default, which allows local attackers to modify the host's configuration.
- CVE-1999-0851Nov 10, 1999risk 0.00cvss —epss 0.00
Denial of service in BIND named via naptr.
- CVE-1999-0835Nov 10, 1999risk 0.00cvss —epss 0.01
Denial of service in BIND named via malformed SIG records.
- CVE-1999-1571Nov 4, 1999risk 0.00cvss —epss 0.00
Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5 may allow local users to gain root privileges via a long -f parameter, a different vulnerability than CVE-1999-1570.
- CVE-1999-0697Sep 9, 1999risk 0.00cvss —epss 0.00
SCO Doctor allows local users to gain root privileges through a Tools option.
- CVE-1999-0411Mar 7, 1999risk 0.00cvss —epss 0.00
Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p, including S84rpcinit, S95nis, S85tcp, and S89nfs, are vulnerable to a symlink attack, allowing a local user to gain root access.
- CVE-1999-0476Mar 1, 1999risk 0.00cvss —epss 0.00
A weak encryption algorithm is used for passwords in SCO TermVision, allowing them to be easily decrypted by a local user.
- CVE-1999-1450Jan 27, 1999risk 0.00cvss —epss 0.02
Vulnerability in (1) rlogin daemon rshd and (2) scheme on SCO UNIX OpenServer 5.0.5 and earlier, and SCO UnixWare 7.0.1 and earlier, allows remote attackers to gain privileges.
Page 3 of 4