Caldera

All CVEs

95 total · sorted by risk
  • CVE-2002-0442 · Jul 26, 2002
    risk 0.00 · cvss · epss 0.00

    Buffer overflow in dlvr_audit for Caldera OpenServer 5.0.5 and 5.0.6 allows local users to gain root privileges.

  • CVE-1999-1570 · May 1, 2002
    risk 0.00 · cvss · epss 0.00

    Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain root privileges via a long -o parameter.

  • CVE-2002-0105 · Mar 25, 2002
    risk 0.00 · cvss · epss 0.00

    CDE dtlogin in Caldera UnixWare 7.1.0, and possibly other operating systems, allows local users to gain privileges via a symlink attack on /var/dt/Xerrors since /var/dt is world-writable.

  • CVE-2002-0164 · Mar 15, 2002
    risk 0.00 · cvss · epss 0.00

    Vulnerability in the MIT-SHM extension of the X server on Linux (XFree86) 4.2.1 and earlier allows local users to read and write arbitrary shared memory, possibly to cause a denial of service or gain privileges.

  • CVE-2001-1576 · Dec 31, 2001
    risk 0.00 · cvss · epss 0.01

    Buffer overflow in cron in Caldera UnixWare 7 allows local users to execute arbitrary code via a command line argument.

  • CVE-2001-1577 · Dec 31, 2001
    risk 0.00 · cvss · epss 0.01

    Unknown vulnerability in CDE in Caldera OpenUnix 7.1.0, 7.1.1, and 8.0 allows an xterm session to gain privileges when the session is reused.

  • CVE-2001-1478 · Dec 31, 2001
    risk 0.00 · cvss · epss 0.00

    Buffer overflow in xlock in UnixWare 7.1.0 and 7.1.1 and Open Unix 8.0.0 allows local users to execute arbitrary code.

  • CVE-2001-1579 · Dec 31, 2001
    risk 0.00 · cvss · epss 0.01

    The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not properly terminate certain strings with a null, which allows remote attackers to cause a denial of service.

  • CVE-2001-0869 · Dec 21, 2001
    risk 0.00 · cvss · epss 0.03

    Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands.

  • CVE-2001-0850 · Dec 6, 2001
    risk 0.00 · cvss · epss 0.02

    A configuration error in the libdb1 package in OpenLinux 3.1 uses insecure versions of the snprintf and vsnprintf functions, which could allow local or remote users to exploit those functions with a buffer overflow.

  • CVE-2001-0851 · Dec 6, 2001
    risk 0.00 · cvss · epss 0.03

    Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie.

  • CVE-2001-0858 · Dec 6, 2001
    risk 0.00 · cvss · epss 0.00

    Buffer overflow in pppattach and other linked PPP utilities in Caldera Open Unix 8.0 and UnixWare 7.1.0 and 7.1.1 allows local users to gain privileges.

  • CVE-2001-0896 · Nov 30, 2001
    risk 0.00 · cvss · epss 0.02

    Inetd in OpenServer 5.0.5 allows remote attackers to cause a denial of service (crash) via a port scan, e.g. with nmap -PO.

  • CVE-2000-1195 · Aug 31, 2001
    risk 0.00 · cvss · epss 0.02

    telnet daemon (telnetd) from the Linux netkit package before netkit-telnet-0.16 allows remote attackers to bypass authentication when telnetd is running with the -L command line option.

  • CVE-2001-1062 · Aug 31, 2001
    risk 0.00 · cvss · epss 0.00

    Buffer overflow in mana in OpenServer 5.0.6a and earlier allows local users to execute arbitrary code.

  • CVE-2001-1063 · Aug 31, 2001
    risk 0.00 · cvss · epss 0.00

    Buffer overflow in uidadmin in Caldera Open Unix 8.0.0 and UnixWare 7 allows local users to gain root privileges via a long -S (scheme) command line argument.

  • CVE-2001-1153 · Aug 28, 2001
    risk 0.00 · cvss · epss 0.00

    lpsystem in OpenUnix 8.0.0 allows local users to cause a denial of service and possibly execute arbitrary code via a long command line argument.

  • CVE-2000-0892 · Jul 21, 2001
    risk 0.00 · cvss · epss 0.01

    Some telnet clients allow remote telnet servers to request environment variables from the client that may contain sensitive information, or remote web servers to obtain the information via a telnet: URL.

  • CVE-2001-1030 · Jul 18, 2001
    risk 0.00 · cvss · epss 0.02

    Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning.

  • CVE-2001-0980 · Jul 17, 2001
    risk 0.00 · cvss · epss 0.02

    docview before 1.0-15 allows remote attackers to execute arbitrary commands via shell metacharacters that are processed when converting a man page to a web page.

  • CVE-2001-1164 · Jun 27, 2001
    risk 0.00 · cvss · epss 0.01

    Buffer overflow in uucp utilities in UnixWare 7 allows local users to execute arbitrary code via long command line arguments to (1) uucp, (2) uux, (3) bnuconvert, (4) uucico, (5) uuxcmd, or (6) uuxqt.

  • CVE-2001-1359 · Jun 8, 2001
    risk 0.00 · cvss · epss 0.03

    Volution clients 1.0.7 and earlier attempt to contact the computer creation daemon (CCD) when an LDAP authentication failure occurs, which allows remote attackers to fully control clients via a Trojan horse Volution server.

  • CVE-2001-0181 · Mar 26, 2001
    risk 0.00 · cvss · epss 0.05

    Format string vulnerability in the error logging code of DHCP server and client in Caldera Linux allows remote attackers to execute arbitrary commands.

  • CVE-2001-0178 · Mar 26, 2001
    risk 0.00 · cvss · epss 0.00

    kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges.

  • CVE-2001-0139 · Mar 12, 2001
    risk 0.00 · cvss · epss 0.00

    inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations.

  • CVE-2000-0360 · Oct 20, 2000
    risk 0.00 · cvss · epss 0.03

    Buffer overflow in INN 2.2.1 and earlier allows remote attackers to cause a denial of service via a maliciously formatted article.

  • CVE-2000-0667 · Jul 27, 2000
    risk 0.00 · cvss · epss 0.00

    Vulnerability in gpm in Caldera Linux allows local users to delete arbitrary files or conduct a denial of service.

  • CVE-2000-0372 · Jul 12, 2000
    risk 0.00 · cvss · epss 0.00

    Vulnerability in Caldera rmt command in the dump package 0.4b4 allows a local user to gain root privileges.

  • CVE-2000-0566 · Jul 3, 2000
    risk 0.00 · cvss · epss 0.00

    makewhatis in Linux man package allows local users to overwrite files via a symlink attack.

  • CVE-1999-1571 · Nov 4, 1999
    risk 0.00 · cvss · epss 0.00

    Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5 may allow local users to gain root privileges via a long -f parameter, a different vulnerability than CVE-1999-1570.

  • CVE-2000-0369 · Oct 8, 1999
    risk 0.00 · cvss · epss 0.02

    The IDENT server in Caldera Linux 2.3 creates multiple threads for each IDENT request, which allows remote attackers to cause a denial of service.

  • CVE-1999-0880 · Oct 1, 1999
    risk 0.00 · cvss · epss 0.01

    Denial of service in WU-FTPD via the SITE NEWER command, which does not free memory properly.

  • CVE-1999-0872 · Aug 25, 1999
    risk 0.00 · cvss · epss 0.00

    Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file.

  • CVE-2000-0374 · Aug 22, 1999
    risk 0.00 · cvss · epss 0.04

    The default configuration of kdm in Caldera and Mandrake Linux, and possibly other distributions, allows XDMCP connections from any host, which allows remote attackers to obtain sensitive information or bypass additional access restrictions.

  • CVE-1999-0731 · Jun 23, 1999
    risk 0.00 · cvss · epss 0.00

    The KDE klock program allows local users to unlock a session using malformed input.

  • CVE-1999-0712 · Apr 27, 1999
    risk 0.00 · cvss · epss 0.00

    A vulnerability in Caldera Open Administration System (COAS) allows the /etc/shadow password file to be made world-readable.

  • CVE-1999-0439 · Apr 5, 1999
    risk 0.00 · cvss · epss 0.02

    Buffer overflow in procmail before version 3.12 allows remote or local attackers to execute commands via expansions in the procmailrc configuration file.

  • CVE-1999-0434 · Mar 30, 1999
    risk 0.00 · cvss · epss 0.01

    XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.

  • CVE-2000-0370 · Jan 29, 1999
    risk 0.00 · cvss · epss 0.05

    The debug option in Caldera Linux smail allows remote attackers to execute commands via shell metacharacters in the -D option for the rmail command.

  • CVE-1999-0390 · Jan 4, 1999
    risk 0.00 · cvss · epss 0.00

    Buffer overflow in Dosemu Slang library in Linux.

  • CVE-1999-1288 · Nov 19, 1998
    risk 0.00 · cvss · epss 0.00

    Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid bit, which allows local users to read and write files and possibly gain privileges via bugs in the program.

  • CVE-1999-0017 · Dec 10, 1997
    risk 0.00 · cvss · epss 0.02

    FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.

  • CVE-1999-1182 · Jul 17, 1997
    risk 0.00 · cvss · epss 0.00

    Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error.

  • CVE-1999-0047 · Jan 28, 1997
    risk 0.00 · cvss · epss 0.03

    MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4.

  • CVE-1999-0234 · Oct 8, 1996
    risk 0.00 · cvss · epss 0.00

    Bash treats any character with a value of 255 as a command separator.

Page 2 of 2