418 matches found
UnixWare 7.1.3 Open UNIX 8.0.0 : Xsco contains a buffer overflow that could be exploited to gain root privileges.
SCO Security Advisory
Subject: UnixWare 7.1.3 Open UNIX 8.0.0 : Xsco contains a buffer overflow that could be exploited to gain root privileges.
Advisory number: SCOSA-2004.2
Issue date: 2004 July 29
Cross reference: sr889370 fz528865 erg712546...
CVE-2004-1124
Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the chroot jail and conduct unauthorized activities...
CVE-2003-0937
SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to bypass protections for the "as" address space file for a process ID PID by obtaining a procfs file descriptor for the file and calling execve on a setuid or setgid program, which leaves the descriptor open to the user...
CVE-2003-0937
CVE-2003-0937 affects SCO UnixWare 7.1.1, 7.1.3 and Open UNIX 8.0.0. Local users can bypass protections on the process address space file ("as") by obtaining a procfs descriptor for a PID and then calling execve() on a setuid/setgid binary, which leaves the descriptor open to the user (local privilege escalation). According to ad...
PT-2003-1958 · Sco · Open Unix +1
Name of the Vulnerable Software and Affected Versions: SCO UnixWare versions 7.1.1, 7.1.3; Open UNIX version 8.0.0
Description: The issue allows local users to bypass protections for the address space file for a process ID by obtaining a procfs file descriptor for the file and calling execve on a...
UnixWare privilege escalation
Problems with procfs lead to local privilege escalation...
Insecure handling of procfs descriptors in UnixWare 7.1.1, 7.1.3 and Open UNIX 8.0.0 can lead to local privilege escalation.
Texonet Security Advisory 20031024
Advisory ID : TEXONET-20031024
Authors : Joel Soderberg and Christer Oberg
Issue date : Friday, October 24, 2003
Publi...
CVE-2003-0597
Unknown vulnerability in display of Merge before 5.3.23a in UnixWare 7.1.x allows local users to gain root privileges...
CVE-2003-0597
CVE-2003-0597 affects UnixWare 7.1.x (Merge before 5.3.23a). The description notes an unknown vulnerability in display that lets local users gain root privileges. The root cause is not detailed in the provided documents. CVSS2 base score is 7.2 (HIGH) with LOCAL access, no authentication, and ful...
CVE-2002-0981
Buffer overflow in ndcfg command for UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to execute arbitrary code via a long command line...
CVE-2002-0246
Format string vulnerability in the message catalog library functions in UnixWare 7.1.1 allows local users to gain privileges by modifying the LC_MESSAGE environment variable to read other message catalogs containing format strings from setuid programs such as vxprint...
CVE-2002-0246
The CVE-2002-0246 issue affects UnixWare 7.1.1, where a format string vulnerability in the message catalog library functions can be exploited locally by manipulating the LC_MESSAGE environment variable. This could allow a local attacker to read other message catalogs containing format strings fro...
CVE-2002-0987
The CVE-2002-0987 entry refers to the X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1, which fails to drop privileges before invoking programs (e.g., xkbcomp) via popen. This behavior could allow local users to gain privileges. The described vulnerability is a local privilege escalation due to inad...
CVE-2002-0981
The CVE-2002-0981 issue affects UnixWare 7.1.1 and Open UNIX 8.0.0, where the ndcfg binary (/usr/lib/netcfg/bin/ndcfg) has a command‑line buffer overflow in its processing. The advisory notes that ndcfg gains privileges via the security subsystem (not setuid), enabling a local user to run code wi...
CVE-2002-0987
X server Xsco in OpenUNIX 8.0.0 and UnixWare 7.1.1 does not drop privileges before calling programs such as xkbcomp using popen, which could allow local users to gain privileges...
CVE-2002-0988
Buffer overflow in X server Xsco in OpenUNIX 8.0.0 and UnixWare 7.1.1, possibly related to XBM/xkbcomp capabilities...
CVE-2002-0988
CVE-2002-0988 describes a buffer overflow in the X server (Xsco) of OpenUNIX 8.0.0 and UnixWare 7.1.1, possibly related to XBM/xkbcomp capabilities. The connected records reiterate the affected products and the vulnerability’s basic nature, but do not provide additional technical details, exploit...
Caldera UnixWare/OpenUnix unescaped shell characters problem
If | is used in a filename, a shell command may be executed by the client on retrieval...