CVE-2005-2934

CVE-2005-2934 describes a local privilege-escalation in SCO UnixWare 7.1.3 and 7.1.4 caused by a failure in the ptrace implementation to validate setuid permissions on traced binaries. This allows a local user to gain root privileges by attaching to a process via ptrace (exploitation described as...

[Full-disclosure] SCOSA-2006.9 UnixWare 7.1.3 UnixWare 7.1.4 : Setuid ptrace Local Privilege Escalation Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SCO Security Advisory Subject: UnixWare 7.1.3 UnixWare 7.1.4 : Setuid ptrace Local Privilege Escalation Vulnerability Advisory number: SCOSA-2006.9 Issue date: 2006 February 21 Cross reference: fz533176 CVE-2005-2934 1. Problem Description A local use...

CVE-2005-2934

Unspecified vulnerability in ptrace in SCO UnixWare 7.1.3 and 7.1.4 allows local users to gain privileges via unspecified vectors...

CVE-2005-3903

Buffer overflow in uidadmin in SCO Unixware 7.1.3 and 7.1.4 allows local users to execute arbitrary code via a -S scheme argument that specifies a large file, a different vulnerability than CVE-2001-1063...

CVE-2005-3903

Buffer overflow in uidadmin in SCO Unixware 7.1.3 and 7.1.4 allows local users to execute arbitrary code via a -S scheme argument that specifies a large file, a different vulnerability than CVE-2001-1063...

CVE-2005-3903

CVE-2005-3903 documents a local privilege escalation in SCO Unixware 7.1.3 and 7.1.4 caused by a buffer overflow in the setuid binary uidadmin when processing a long -S (scheme) argument that specifies a large file. The vulnerability arises from a failure to bound the input length, enabling a loc...

iDEFENSE Security Advisory 12.12.05: SCO Unixware Setuid 'uidadmin' Scheme Buffer Overflow Vulnerability

SCO Unixware Setuid 'uidadmin' Scheme Buffer Overflow Vulnerability iDefense Security Advisory 12.12.05 www.iDefense.com/application/poi/display?id=350&type=vulnerabilities December 12, 2005 I. BACKGROUND SCO Unixware is a Unix operating system that runs on many OEM platforms. II. DESCRIPTION Loc...

CVE-2005-2927

Stack-based buffer overflow in ppp in SCO Unixware 7.1.3 and 7.1.4, and possibly earlier versions, allows local users to execute arbitrary code via a long argument to the 1 prompt or 2 defprompt command...

CVE-2005-2927

CVE-2005-2927: Local buffer overflow in SCO UnixWare 7.1.3/7.1.4 (ppp prompt/defprompt) allows local users to run arbitrary code due to an unchecked long argument to the ppp binary (ppptalk) where the binary is setuid root. Vulnerable binaries include /usr/bin/ppptalk; impact is root privilege es...

CVE-2005-2927

Stack-based buffer overflow in ppp in SCO Unixware 7.1.3 and 7.1.4, and possibly earlier versions, allows local users to execute arbitrary code via a long argument to the 1 prompt or 2 defprompt command...

SCO Unixware ppp buffer overflow

Buffer overflow in /usr/bin/ppptalk...

[Full-disclosure] UnixWare 7.1.4 UnixWare 7.1.3 : ppp buffer overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SCO Security Advisory Subject: UnixWare 7.1.4 UnixWare 7.1.3 : ppp buffer overflow Advisory number: SCOSA-2005.41 Issue date: 2005 October 20 Cross reference: sr894991 fz532994 erg712940 CAN-2005-2927 1. Problem Description iDEFENSE has identified a...

UnixWare ICMP Message Handling Denial of Service

Release Date: 2005-09-05 Critical: Less critical Impact: DoS Where: From remote Solution Status: Vendor Patch OS: UnixWare 7.x.x Select a product and view a complete list of all Patched/Unpatched Secunia advisories affecting it. CVE reference: CAN-2004-0790 CAN-2004-0791 CAN-2004-1060 CAN-2005-00...

CVE-2001-1576

Buffer overflow in cron in Caldera UnixWare 7 allows local users to execute arbitrary code via a command line argument...

CVE-2001-1576

CVE-2001-1576: Buffer overflow in cron on Caldera UnixWare 7 allows local users to execute arbitrary code via a command line argument. The connected documents confirm cron as the affected component and the root cause is a buffer overflow; no explicit exploit details or fixes are provided in the s...

CVE-2001-1579

The timed program in.timed in UnixWare 7 and OpenUnix 8.0.0 does not properly terminate certain strings with a null, which allows remote attackers to cause a denial of service...

CVE-2001-1579

The CVE-2001-1579 entry concerns the timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0. The root cause is improper termination of certain strings with a null character, which permits remote attackers to trigger a denial of service. The Red Hat CVE page corroborates the same description. P...

CVE-2005-2132

RPC portmapper rpcbind in SCO UnixWare 7.1.1 m5, 7.1.3 mp5, and 7.1.4 mp2 allows remote attackers or local users to cause a denial of service lack of response via multiple invalid portmap requests...

CVE-2005-2132

This CVE (CAN-2005-2132) affects SCO UnixWare 7.x (e.g., 7.1.1 m5, 7.1.3 mp5, 7.1.4 mp2) where the RPC portmapper (rpcbind) can be forced into a denial-of-service state by multiple invalid portmap requests, causing RPC services to fail to respond. OpenServer-related advisories (SCOSA-2005.43 for ...

[NILESA-20050701] UnixWare 7.x RPC portmapper Dos Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ================================================================================ NileSOFT Security Advisory - -------------------------------------------------------------------------------- ID : NILESA-20050701 Title : rpcbind Invalid portmap Request...