CVE-2002-0827

CVE-2002-0827 affects pppd on UnixWare 7.1.1 and Open UNIX 8.0.0, enabling local users to gain root privileges via (1) ppptalk or (2) ppp. The description notes this is a different issue from CVE-2002-0824. No remediation or version details are provided in the supplied documents; exploitation sta...

Security Update: [CSSA-2002-SCO.27] UnixWare 7.1.1 Open UNIX 8.0.0 : ppptalk root privilege vulnerability

To: [email protected] [email protected] [email protected] Caldera International, Inc. Security Advisory Subject: UnixWare 7.1.1 Open UNIX 8.0.0 : ppptalk root privilege vulnerability Advisory number: CSSA-2002-SCO.27 Issue date: 2002 June 18 Cross reference: 1. Problem...

Buffer overflow in OpenUnix/Unixware ppp utils

No description provided...

CVE-2002-0517

Buffer overflow in X11 library libX11 on Caldera Open UNIX 8.0.0, UnixWare 7.1.1, and possibly other operating systems, allows local users to gain root privileges via a long -xrm argument to programs such as 1 dtterm or 2 xterm...

CVE-2002-0517

The CVE-2002-0517 issue affects the X11 libX11 library in Caldera Open UNIX 8.0.0 and UnixWare 7.1.1 (and possibly other OSes). A buffer overflow occurs when handling a long -xrm argument in programs such as dtterm or xterm, allowing local users to gain root privileges. Exploitation details and a...

CVE-2002-0311

Vulnerability in webtop in UnixWare 7.1.1 and Open UNIX 8.0.0 allows local and possibly remote attackers to gain root privileges via shell metacharacters in the -c argument for 1 in scoadminreg.cgi or 2 serviceaction.cgi...

CVE-2002-0246

Format string vulnerability in the message catalog library functions in UnixWare 7.1.1 allows local users to gain privileges by modifying the LCMESSAGE environment variable to read other message catalogs containing format strings from setuid programs such as vxprint...

CVE-2002-0311

CVE-2002-0311 describes a vulnerability in WebTop on UnixWare 7.1.1 and Open UNIX 8.0.0 where local and possibly remote attackers can gain root privileges by supplying shell metacharacters in the -c argument of the CGI scripts scoadminreg.cgi or service_action.cgi. The affected components are the...

CVE-2002-0311

Vulnerability in webtop in UnixWare 7.1.1 and Open UNIX 8.0.0 allows local and possibly remote attackers to gain root privileges via shell metacharacters in the -c argument for 1 in scoadminreg.cgi or 2 serviceaction.cgi...

Security Update: [CSSA-2002-SCO.15] Open UNIX 8.0.0 UnixWare 7.1.1 : Buffer overflow in libX11 with -xrm

To: [email protected] [email protected] [email protected] Caldera International, Inc. Security Advisory Subject: Open UNIX 8.0.0 UnixWare 7.1.1 : Buffer overflow in libX11 with -xrm Advisory number: CSSA-2002-SCO.15 Issue date: 2002 April 11 Cross reference: 1. Problem...

Security Update: [CSSA-2002-SCO.14] Open UNIX 8.0.0 UnixWare 7.1.1 : X server allows access to any shared memory on the system

To: [email protected] [email protected] [email protected] Caldera International, Inc. Security Advisory Subject: Open UNIX 8.0.0 UnixWare 7.1.1 : X server allows access to any shared memory on the system Advisory number: CSSA-2002-SCO.14 Issue date: 2002 April 08 Cross...

CVE-2002-0105

CDE dtlogin in Caldera UnixWare 7.1.0, and possibly other operating systems, allows local users to gain privileges via a symlink attack on /var/dt/Xerrors since /var/dt is world-writable...

CVE-2001-1164

CVE-2001-1164 affects UnixWare 7, specifically the uucp utilities (uucp, uux, bnuconvert, uucico, uuxcmd, uuxqt). The issue is a buffer overflow triggered by long command-line arguments, allowing a local attacker to run arbitrary code. CVSS v2 base score is 7.2 (HIGH) with LOCAL attack vector, LO...

CVE-2002-0105

CVE-2002-0105 affects Caldera UnixWare 7.1.0 (and possibly other OSes) where /var/dt is world-writable. A local attacker can exploit a symlink attack on /var/dt/Xerrors to gain privileges. The root cause is the world-writable /var/dt directory enabling a symlink-based workaround. The provided doc...

CVE-2002-0105

CDE dtlogin in Caldera UnixWare 7.1.0, and possibly other operating systems, allows local users to gain privileges via a symlink attack on /var/dt/Xerrors since /var/dt is world-writable...

CVE-2001-1164

Buffer overflow in uucp utilities in UnixWare 7 allows local users to execute arbitrary code via long command line arguments to 1 uucp, 2 uux, 3 bnuconvert, 4 uucico, 5 uuxcmd, or 6 uuxqt...

CVE-2001-1063

CVE-2001-1063 describes a local privilege-elevation in Caldera OpenUnix 8.0.0 and UnixWare 7 via a buffer overflow in the uidadmin utility. An overly long -S (scheme) command line argument can overflow a buffer, allowing a local user to gain root privileges. The vulnerability affects the uidadmin...

SCO UnixWare 7.1.X

Well.. Looks like a insecure file vuln exsists within the system created file when you do the initial install of SCO. Lets take a look here at /var/adm/isl/ifile [email protected] ls -l /var/adm/isl/ifile -rw-r--r-- 1 root root 4691 Sep 24 1999 /var/adm/isl/ifile And we all know the shadow file ...

Слабые разрешения в Unixware (weak permissions)

Файл /var/adm/isl/ifile открытый на чтение содержит пароль администратора...

Security Update: [CSSA-2002-SCO.3] UnixWare 7: message catalog environment variable vulnerability

To: [email protected] [email protected] [email protected] Caldera International, Inc. Security Advisory Subject: UnixWare 7: message catalog environment variable vulnerability Advisory number: CSSA-2002-SCO.3 Issue date: 2002 February 7 Cross reference: 1. Problem Descripti...