Vendor CVEs
Caldera
All CVEs
95 total · sorted by risk

| CVE | Risk | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2002-0442 | 0.00 | — | 0.00 | Jul 26, 2002 | Buffer overflow in dlvr_audit for Caldera OpenServer 5.0.5 and 5.0.6 allows local users to gain root privileges. |
| CVE-1999-1570 | 0.00 | — | 0.00 | May 1, 2002 | Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain root privileges via a long -o parameter. |
| CVE-2002-0105 | 0.00 | — | 0.00 | Mar 25, 2002 | CDE dtlogin in Caldera UnixWare 7.1.0, and possibly other operating systems, allows local users to gain privileges via a symlink attack on /var/dt/Xerrors since /var/dt is world-writable. |
| CVE-2002-0164 | 0.00 | — | 0.00 | Mar 15, 2002 | Vulnerability in the MIT-SHM extension of the X server on Linux (XFree86) 4.2.1 and earlier allows local users to read and write arbitrary shared memory, possibly to cause a denial of service or gain privileges. |
| CVE-2001-1576 | 0.00 | — | 0.01 | Dec 31, 2001 | Buffer overflow in cron in Caldera UnixWare 7 allows local users to execute arbitrary code via a command line argument. |
| CVE-2001-1577 | 0.00 | — | 0.01 | Dec 31, 2001 | Unknown vulnerability in CDE in Caldera OpenUnix 7.1.0, 7.1.1, and 8.0 allows an xterm session to gain privileges when the session is reused. |
| CVE-2001-1478 | 0.00 | — | 0.00 | Dec 31, 2001 | Buffer overflow in xlock in UnixWare 7.1.0 and 7.1.1 and Open Unix 8.0.0 allows local users to execute arbitrary code. |
| CVE-2001-1579 | 0.00 | — | 0.01 | Dec 31, 2001 | The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not properly terminate certain strings with a null, which allows remote attackers to cause a denial of service. |
| CVE-2001-0869 | 0.00 | — | 0.03 | Dec 21, 2001 | Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands. |
| CVE-2001-0850 | 0.00 | — | 0.02 | Dec 6, 2001 | A configuration error in the libdb1 package in OpenLinux 3.1 uses insecure versions of the snprintf and vsnprintf functions, which could allow local or remote users to exploit those functions with a buffer overflow. |
| CVE-2001-0851 | 0.00 | — | 0.03 | Dec 6, 2001 | Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie. |
| CVE-2001-0858 | 0.00 | — | 0.00 | Dec 6, 2001 | Buffer overflow in pppattach and other linked PPP utilities in Caldera Open Unix 8.0 and UnixWare 7.1.0 and 7.1.1 allows local users to gain privileges. |
| CVE-2001-0896 | 0.00 | — | 0.02 | Nov 30, 2001 | Inetd in OpenServer 5.0.5 allows remote attackers to cause a denial of service (crash) via a port scan, e.g. with nmap -PO. |
| CVE-2000-1195 | 0.00 | — | 0.02 | Aug 31, 2001 | telnet daemon (telnetd) from the Linux netkit package before netkit-telnet-0.16 allows remote attackers to bypass authentication when telnetd is running with the -L command line option. |
| CVE-2001-1062 | 0.00 | — | 0.00 | Aug 31, 2001 | Buffer overflow in mana in OpenServer 5.0.6a and earlier allows local users to execute arbitrary code. |
| CVE-2001-1063 | 0.00 | — | 0.00 | Aug 31, 2001 | Buffer overflow in uidadmin in Caldera Open Unix 8.0.0 and UnixWare 7 allows local users to gain root privileges via a long -S (scheme) command line argument. |
| CVE-2001-1153 | 0.00 | — | 0.00 | Aug 28, 2001 | lpsystem in OpenUnix 8.0.0 allows local users to cause a denial of service and possibly execute arbitrary code via a long command line argument. |
| CVE-2000-0892 | 0.00 | — | 0.01 | Jul 21, 2001 | Some telnet clients allow remote telnet servers to request environment variables from the client that may contain sensitive information, or remote web servers to obtain the information via a telnet: URL. |
| CVE-2001-1030 | 0.00 | — | 0.02 | Jul 18, 2001 | Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning. |
| CVE-2001-0980 | 0.00 | — | 0.02 | Jul 17, 2001 | docview before 1.0-15 allows remote attackers to execute arbitrary commands via shell metacharacters that are processed when converting a man page to a web page. |
| CVE-2001-1164 | 0.00 | — | 0.01 | Jun 27, 2001 | Buffer overflow in uucp utilities in UnixWare 7 allows local users to execute arbitrary code via long command line arguments to (1) uucp, (2) uux, (3) bnuconvert, (4) uucico, (5) uuxcmd, or (6) uuxqt. |
| CVE-2001-1359 | 0.00 | — | 0.03 | Jun 8, 2001 | Volution clients 1.0.7 and earlier attempt to contact the computer creation daemon (CCD) when an LDAP authentication failure occurs, which allows remote attackers to fully control clients via a Trojan horse Volution server. |
| CVE-2001-0181 | 0.00 | — | 0.05 | Mar 26, 2001 | Format string vulnerability in the error logging code of DHCP server and client in Caldera Linux allows remote attackers to execute arbitrary commands. |
| CVE-2001-0178 | 0.00 | — | 0.00 | Mar 26, 2001 | kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges. |
| CVE-2001-0139 | 0.00 | — | 0.00 | Mar 12, 2001 | inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations. |
| CVE-2000-0360 | 0.00 | — | 0.03 | Oct 20, 2000 | Buffer overflow in INN 2.2.1 and earlier allows remote attackers to cause a denial of service via a maliciously formatted article. |
| CVE-2000-0667 | 0.00 | — | 0.00 | Jul 27, 2000 | Vulnerability in gpm in Caldera Linux allows local users to delete arbitrary files or conduct a denial of service. |
| CVE-2000-0372 | 0.00 | — | 0.00 | Jul 12, 2000 | Vulnerability in Caldera rmt command in the dump package 0.4b4 allows a local user to gain root privileges. |
| CVE-2000-0566 | 0.00 | — | 0.00 | Jul 3, 2000 | makewhatis in Linux man package allows local users to overwrite files via a symlink attack. |
| CVE-1999-1571 | 0.00 | — | 0.00 | Nov 4, 1999 | Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5 may allow local users to gain root privileges via a long -f parameter, a different vulnerability than CVE-1999-1570. |
| CVE-2000-0369 | 0.00 | — | 0.02 | Oct 8, 1999 | The IDENT server in Caldera Linux 2.3 creates multiple threads for each IDENT request, which allows remote attackers to cause a denial of service. |
| CVE-1999-0880 | 0.00 | — | 0.01 | Oct 1, 1999 | Denial of service in WU-FTPD via the SITE NEWER command, which does not free memory properly. |
| CVE-1999-0872 | 0.00 | — | 0.00 | Aug 25, 1999 | Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file. |
| CVE-2000-0374 | 0.00 | — | 0.04 | Aug 22, 1999 | The default configuration of kdm in Caldera and Mandrake Linux, and possibly other distributions, allows XDMCP connections from any host, which allows remote attackers to obtain sensitive information or bypass additional access restrictions. |
| CVE-1999-0731 | 0.00 | — | 0.00 | Jun 23, 1999 | The KDE klock program allows local users to unlock a session using malformed input. |
| CVE-1999-0712 | 0.00 | — | 0.00 | Apr 27, 1999 | A vulnerability in Caldera Open Administration System (COAS) allows the /etc/shadow password file to be made world-readable. |
| CVE-1999-0439 | 0.00 | — | 0.02 | Apr 5, 1999 | Buffer overflow in procmail before version 3.12 allows remote or local attackers to execute commands via expansions in the procmailrc configuration file. |
| CVE-1999-0434 | 0.00 | — | 0.01 | Mar 30, 1999 | XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service. |
| CVE-2000-0370 | 0.00 | — | 0.05 | Jan 29, 1999 | The debug option in Caldera Linux smail allows remote attackers to execute commands via shell metacharacters in the -D option for the rmail command. |
| CVE-1999-0390 | 0.00 | — | 0.00 | Jan 4, 1999 | Buffer overflow in Dosemu Slang library in Linux. |
| CVE-1999-1288 | 0.00 | — | 0.00 | Nov 19, 1998 | Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid bit, which allows local users to read and write files and possibly gain privileges via bugs in the program. |
| CVE-1999-0017 | 0.00 | — | 0.02 | Dec 10, 1997 | FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. |
| CVE-1999-1182 | 0.00 | — | 0.00 | Jul 17, 1997 | Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error. |
| CVE-1999-0047 | 0.00 | — | 0.03 | Jan 28, 1997 | MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4. |
| CVE-1999-0234 | 0.00 | — | 0.00 | Oct 8, 1996 | Bash treats any character with a value of 255 as a command separator. |
Page 2 of 2