Openserver
by Caldera
CVEs (9)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-25494 | 0.08 | — | 0.39 | Dec 18, 2020 | Xinuos (formerly SCO) Openserver v5 and v6 allows attackers to execute arbitrary commands via shell metacharacters in outputform or toclevels parameter to cgi-bin/printbook. | |||
| CVE-2020-25495 | 0.03 | — | 0.08 | Dec 18, 2020 | A reflected Cross-site scripting (XSS) vulnerability in Xinuo (formerly SCO) Openserver version 5 and 6 allows remote attackers to inject arbitrary web script or HTML tag via the parameter 'section'. | |||
| CVE-2002-0887 | 0.03 | — | 0.01 | Oct 4, 2002 | scoadmin for Caldera/SCO OpenServer 5.0.5 and 5.0.6 allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using log files. | |||
| CVE-2003-0658 | 0.00 | — | 0.02 | Oct 20, 2003 | Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules. | |||
| CVE-2002-0442 | 0.00 | — | 0.00 | Jul 26, 2002 | Buffer overflow in dlvr_audit for Caldera OpenServer 5.0.5 and 5.0.6 allows local users to gain root privileges. | |||
| CVE-1999-1570 | 0.00 | — | 0.00 | May 1, 2002 | Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain root privileges via a long -o parameter. | |||
| CVE-2001-0896 | 0.00 | — | 0.02 | Nov 30, 2001 | Inetd in OpenServer 5.0.5 allows remote attackers to cause a denial of service (crash) via a port scan, e.g. with nmap -PO. | |||
| CVE-2001-1062 | 0.00 | — | 0.00 | Aug 31, 2001 | Buffer overflow in mana in OpenServer 5.0.6a and earlier allows local users to execute arbitrary code. | |||
| CVE-1999-1571 | 0.00 | — | 0.00 | Nov 4, 1999 | Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5 may allow local users to gain root privileges via a long -f parameter, a different vulnerability than CVE-1999-1570. |
- CVE-2020-25494Dec 18, 2020risk 0.08cvss —epss 0.39
Xinuos (formerly SCO) Openserver v5 and v6 allows attackers to execute arbitrary commands via shell metacharacters in outputform or toclevels parameter to cgi-bin/printbook.
- CVE-2020-25495Dec 18, 2020risk 0.03cvss —epss 0.08
A reflected Cross-site scripting (XSS) vulnerability in Xinuo (formerly SCO) Openserver version 5 and 6 allows remote attackers to inject arbitrary web script or HTML tag via the parameter 'section'.
- CVE-2002-0887Oct 4, 2002risk 0.03cvss —epss 0.01
scoadmin for Caldera/SCO OpenServer 5.0.5 and 5.0.6 allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using log files.
- CVE-2003-0658Oct 20, 2003risk 0.00cvss —epss 0.02
Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules.
- CVE-2002-0442Jul 26, 2002risk 0.00cvss —epss 0.00
Buffer overflow in dlvr_audit for Caldera OpenServer 5.0.5 and 5.0.6 allows local users to gain root privileges.
- CVE-1999-1570May 1, 2002risk 0.00cvss —epss 0.00
Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain root privileges via a long -o parameter.
- CVE-2001-0896Nov 30, 2001risk 0.00cvss —epss 0.02
Inetd in OpenServer 5.0.5 allows remote attackers to cause a denial of service (crash) via a port scan, e.g. with nmap -PO.
- CVE-2001-1062Aug 31, 2001risk 0.00cvss —epss 0.00
Buffer overflow in mana in OpenServer 5.0.6a and earlier allows local users to execute arbitrary code.
- CVE-1999-1571Nov 4, 1999risk 0.00cvss —epss 0.00
Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5 may allow local users to gain root privileges via a long -f parameter, a different vulnerability than CVE-1999-1570.