Vendor CVEs
SCO Group
All CVEs
135 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2000-0147 | 0.00 | — | 0.00 | Feb 8, 2000 | snmpd in SCO OpenServer has an SNMP community string that is writable by default, which allows local attackers to modify the host's configuration. | |||
| CVE-2000-0130 | 0.00 | — | 0.01 | Jan 27, 2000 | Buffer overflow in SCO scohelp program allows remote attackers to execute commands. | |||
| CVE-2000-0099 | 0.00 | — | 0.00 | Jan 18, 2000 | Buffer overflow in UnixWare ppptalk command allows local users to gain privileges via a long prompt argument. | |||
| CVE-2000-0003 | 0.00 | — | 0.01 | Dec 30, 1999 | Buffer overflow in UnixWare rtpm program allows local users to gain privileges via a long environmental variable. | |||
| CVE-1999-0001 | 0.00 | — | 0.03 | Dec 30, 1999 | ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of service (crash or hang) via crafted packets. | |||
| CVE-2000-0029 | 0.00 | — | 0.00 | Dec 27, 1999 | UnixWare pis and mkpis commands allow local users to gain privileges via a symlink attack. | |||
| CVE-1999-0835 | 0.00 | — | 0.01 | Nov 10, 1999 | Denial of service in BIND named via malformed SIG records. | |||
| CVE-1999-0851 | 0.00 | — | 0.00 | Nov 10, 1999 | Denial of service in BIND named via naptr. | |||
| CVE-1999-1571 | 0.00 | — | 0.00 | Nov 4, 1999 | Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5 may allow local users to gain root privileges via a long -f parameter, a different vulnerability than CVE-1999-1570. | |||
| CVE-1999-0942 | 0.00 | — | 0.00 | Oct 4, 1999 | UnixWare dos7utils allows a local user to gain root privileges by using the STATICMERGE environmental variable to find a script which it executes. | |||
| CVE-1999-0697 | 0.00 | — | 0.00 | Sep 9, 1999 | SCO Doctor allows local users to gain root privileges through a Tools option. | |||
| CVE-1999-0411 | 0.00 | — | 0.00 | Mar 7, 1999 | Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p, including S84rpcinit, S95nis, S85tcp, and S89nfs, are vulnerable to a symlink attack, allowing a local user to gain root access. | |||
| CVE-1999-0476 | 0.00 | — | 0.00 | Mar 1, 1999 | A weak encryption algorithm is used for passwords in SCO TermVision, allowing them to be easily decrypted by a local user. | |||
| CVE-1999-1450 | 0.00 | — | 0.02 | Jan 27, 1999 | Vulnerability in (1) rlogin daemon rshd and (2) scheme on SCO UNIX OpenServer 5.0.5 and earlier, and SCO UnixWare 7.0.1 and earlier, allows remote attackers to gain privileges. | |||
| CVE-1999-0798 | 0.00 | — | 0.02 | Dec 4, 1998 | Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type. | |||
| CVE-1999-0010 | 0.00 | — | 0.02 | Apr 8, 1998 | Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages. | |||
| CVE-1999-0004 | 0.00 | — | 0.03 | Dec 16, 1997 | MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook. | |||
| CVE-1999-0017 | 0.00 | — | 0.02 | Dec 10, 1997 | FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. | |||
| CVE-1999-1209 | 0.00 | — | 0.00 | Nov 20, 1997 | Vulnerability in scoterm in SCO OpenServer 5.0 and SCO Open Desktop/Open Server 3.0 allows local users to gain root privileges. | |||
| CVE-1999-0024 | 0.00 | — | 0.05 | Aug 13, 1997 | DNS cache poisoning via BIND, by predictable query IDs. | |||
| CVE-1999-0033 | 0.00 | — | 0.01 | Jun 12, 1997 | Command execution in Sun systems via buffer overflow in the at program. | |||
| CVE-1999-0345 | 0.00 | — | 0.01 | Jan 1, 1997 | Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems. | |||
| CVE-1999-0096 | 0.00 | — | 0.01 | Dec 10, 1996 | Sendmail decode alias can be used to overwrite sensitive files. | |||
| CVE-1999-0129 | 0.00 | — | 0.01 | Dec 3, 1996 | Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. | |||
| CVE-1999-0131 | 0.00 | — | 0.01 | Sep 11, 1996 | Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users. | |||
| CVE-1999-1252 | 0.00 | — | 0.00 | Sep 4, 1996 | Vulnerability in a certain system call in SCO UnixWare 2.0.x and 2.1.0 allows local users to access arbitrary files and gain root privileges. | |||
| CVE-1999-1253 | 0.00 | — | 0.00 | Jun 7, 1996 | Vulnerability in a kernel error handling routine in SCO OpenServer 5.0.2 and earlier, and SCO Internet FastStart 1.0, allows local users to gain root privileges. | |||
| CVE-1999-0019 | 0.00 | — | 0.02 | Apr 24, 1996 | Delete or create a file via rpc.statd, due to invalid information. | |||
| CVE-1999-0078 | 0.00 | — | 0.01 | Apr 18, 1996 | pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call. | |||
| CVE-1999-1302 | 0.00 | — | 0.00 | Nov 30, 1994 | Unspecified vulnerability in pt_chmod in SCO UNIX 4.2 and earlier allows local users to gain root access. | |||
| CVE-1999-1303 | 0.00 | — | 0.00 | Nov 30, 1994 | Vulnerability in prwarn in SCO UNIX 4.2 and earlier allows local users to gain root access. | |||
| CVE-1999-1305 | 0.00 | — | 0.00 | Nov 30, 1994 | Vulnerability in "at" program in SCO UNIX 4.2 and earlier allows local users to gain root access. | |||
| CVE-1999-1304 | 0.00 | — | 0.00 | Nov 30, 1994 | Vulnerability in login in SCO UNIX 4.2 and earlier allows local users to gain root access. | |||
| CVE-1999-1138 | 0.00 | — | 0.02 | Sep 17, 1993 | SCO UNIX System V/386 Release 3.2, and other SCO products, installs the home directories (1) /tmp for the dos user, and (2) /usr/tmp for the asg user, which allows other users to gain access to those accounts since /tmp and /usr/tmp are world-writable. | |||
| CVE-1999-1162 | 0.00 | — | 0.01 | May 24, 1993 | Vulnerability in passwd in SCO UNIX 4.0 and earlier allows attackers to cause a denial of service by preventing users from being able to log into the system. |
- CVE-2000-0147Feb 8, 2000risk 0.00cvss —epss 0.00
snmpd in SCO OpenServer has an SNMP community string that is writable by default, which allows local attackers to modify the host's configuration.
- CVE-2000-0130Jan 27, 2000risk 0.00cvss —epss 0.01
Buffer overflow in SCO scohelp program allows remote attackers to execute commands.
- CVE-2000-0099Jan 18, 2000risk 0.00cvss —epss 0.00
Buffer overflow in UnixWare ppptalk command allows local users to gain privileges via a long prompt argument.
- CVE-2000-0003Dec 30, 1999risk 0.00cvss —epss 0.01
Buffer overflow in UnixWare rtpm program allows local users to gain privileges via a long environmental variable.
- CVE-1999-0001Dec 30, 1999risk 0.00cvss —epss 0.03
ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of service (crash or hang) via crafted packets.
- CVE-2000-0029Dec 27, 1999risk 0.00cvss —epss 0.00
UnixWare pis and mkpis commands allow local users to gain privileges via a symlink attack.
- CVE-1999-0835Nov 10, 1999risk 0.00cvss —epss 0.01
Denial of service in BIND named via malformed SIG records.
- CVE-1999-0851Nov 10, 1999risk 0.00cvss —epss 0.00
Denial of service in BIND named via naptr.
- CVE-1999-1571Nov 4, 1999risk 0.00cvss —epss 0.00
Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5 may allow local users to gain root privileges via a long -f parameter, a different vulnerability than CVE-1999-1570.
- CVE-1999-0942Oct 4, 1999risk 0.00cvss —epss 0.00
UnixWare dos7utils allows a local user to gain root privileges by using the STATICMERGE environmental variable to find a script which it executes.
- CVE-1999-0697Sep 9, 1999risk 0.00cvss —epss 0.00
SCO Doctor allows local users to gain root privileges through a Tools option.
- CVE-1999-0411Mar 7, 1999risk 0.00cvss —epss 0.00
Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p, including S84rpcinit, S95nis, S85tcp, and S89nfs, are vulnerable to a symlink attack, allowing a local user to gain root access.
- CVE-1999-0476Mar 1, 1999risk 0.00cvss —epss 0.00
A weak encryption algorithm is used for passwords in SCO TermVision, allowing them to be easily decrypted by a local user.
- CVE-1999-1450Jan 27, 1999risk 0.00cvss —epss 0.02
Vulnerability in (1) rlogin daemon rshd and (2) scheme on SCO UNIX OpenServer 5.0.5 and earlier, and SCO UnixWare 7.0.1 and earlier, allows remote attackers to gain privileges.
- CVE-1999-0798Dec 4, 1998risk 0.00cvss —epss 0.02
Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.
- CVE-1999-0010Apr 8, 1998risk 0.00cvss —epss 0.02
Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.
- CVE-1999-0004Dec 16, 1997risk 0.00cvss —epss 0.03
MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook.
- CVE-1999-0017Dec 10, 1997risk 0.00cvss —epss 0.02
FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
- CVE-1999-1209Nov 20, 1997risk 0.00cvss —epss 0.00
Vulnerability in scoterm in SCO OpenServer 5.0 and SCO Open Desktop/Open Server 3.0 allows local users to gain root privileges.
- CVE-1999-0024Aug 13, 1997risk 0.00cvss —epss 0.05
DNS cache poisoning via BIND, by predictable query IDs.
- CVE-1999-0033Jun 12, 1997risk 0.00cvss —epss 0.01
Command execution in Sun systems via buffer overflow in the at program.
- CVE-1999-0345Jan 1, 1997risk 0.00cvss —epss 0.01
Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems.
- CVE-1999-0096Dec 10, 1996risk 0.00cvss —epss 0.01
Sendmail decode alias can be used to overwrite sensitive files.
- CVE-1999-0129Dec 3, 1996risk 0.00cvss —epss 0.01
Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.
- CVE-1999-0131Sep 11, 1996risk 0.00cvss —epss 0.01
Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.
- CVE-1999-1252Sep 4, 1996risk 0.00cvss —epss 0.00
Vulnerability in a certain system call in SCO UnixWare 2.0.x and 2.1.0 allows local users to access arbitrary files and gain root privileges.
- CVE-1999-1253Jun 7, 1996risk 0.00cvss —epss 0.00
Vulnerability in a kernel error handling routine in SCO OpenServer 5.0.2 and earlier, and SCO Internet FastStart 1.0, allows local users to gain root privileges.
- CVE-1999-0019Apr 24, 1996risk 0.00cvss —epss 0.02
Delete or create a file via rpc.statd, due to invalid information.
- CVE-1999-0078Apr 18, 1996risk 0.00cvss —epss 0.01
pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call.
- CVE-1999-1302Nov 30, 1994risk 0.00cvss —epss 0.00
Unspecified vulnerability in pt_chmod in SCO UNIX 4.2 and earlier allows local users to gain root access.
- CVE-1999-1303Nov 30, 1994risk 0.00cvss —epss 0.00
Vulnerability in prwarn in SCO UNIX 4.2 and earlier allows local users to gain root access.
- CVE-1999-1305Nov 30, 1994risk 0.00cvss —epss 0.00
Vulnerability in "at" program in SCO UNIX 4.2 and earlier allows local users to gain root access.
- CVE-1999-1304Nov 30, 1994risk 0.00cvss —epss 0.00
Vulnerability in login in SCO UNIX 4.2 and earlier allows local users to gain root access.
- CVE-1999-1138Sep 17, 1993risk 0.00cvss —epss 0.02
SCO UNIX System V/386 Release 3.2, and other SCO products, installs the home directories (1) /tmp for the dos user, and (2) /usr/tmp for the asg user, which allows other users to gain access to those accounts since /tmp and /usr/tmp are world-writable.
- CVE-1999-1162May 24, 1993risk 0.00cvss —epss 0.01
Vulnerability in passwd in SCO UNIX 4.0 and earlier allows attackers to cause a denial of service by preventing users from being able to log into the system.
Page 3 of 3