OpenUNIX 8 & Unixware possible local root

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Another dt series bug... $ uname -a OpenUNIX zen 5 8.0.0 i386 x86at Caldera UNIXSVR5 $ id uid=101fixxxer gid=1other $ ls -al /usr/dt/bin/dtterm - -r-sr-xr-x 1 root bin 60892 Haz 10 05:03 /usr/dt/bin/dtterm $ /usr/dt/bin/dtterm -tn perl -e 'print...

Security Update: [CSSA-2001-SCO.23] Open Unix, UnixWare 7: dtsession environment buffer overflow

To: [email protected] [email protected] [email protected] [email protected] Caldera International, Inc. Security Advisory Subject: Open Unix, UnixWare 7: dtsession environment buffer overflow Advisory number: CSSA-2001-SCO.23 Issue date: 2001 Octobe...

Security Update: [CSSA-2001-SCO.21] Open Unix, UnixWare 7: dtaction argument buffer overflow

To: [email protected] [email protected] [email protected] [email protected] Caldera International, Inc. Security Advisory Subject: Open Unix, UnixWare 7: dtaction argument buffer overflow Advisory number: CSSA-2001-SCO.21 Issue date: 2001 October 1...

CVE-1999-1307

Vulnerability in urestore in Novell UnixWare 1.1 allows local users to gain root privileges...

CVE-1999-1307

The CVE-1999-1307 entry concerns a vulnerability in urestore on Novell UnixWare 1.1 that enables local users to gain root privileges. Affected software: UnixWare 1.1 (utralization not specified). The description states the underlying issue permits local privilege escalation but does not specify t...

CVE-1999-1450

Technical details about CVE-1999-1450 are not publicly available in the provided documents. Monitor for updates.

CVE-1999-1252

Vulnerability in a certain system call in SCO UnixWare 2.0.x and 2.1.0 allows local users to access arbitrary files and gain root privileges...

CVE-1999-1252

Technical details about CVE-1999-1252 are not publicly provided in the connected documents. Monitor for updates.

CVE-2001-1063

Buffer overflow in uidadmin in Caldera Open Unix 8.0.0 and UnixWare 7 allows local users to gain root privileges via a long -S scheme command line argument...

Security Update: [CSSA-2001-SCO.14] Open Unix, UnixWare: uidadmin buffer overflow

To: [email protected] [email protected] [email protected] Caldera International, Inc. Security Advisory Subject: Open Unix, UnixWare: uidadmin buffer overflow Advisory number: CSSA-2001-SCO.14 Issue date: 2001 August 23 Cross reference: 1. Problem...

SCO UnixWare uuxqt contains buffer overflow via long string of characters sent as command line argument

Overview A buffer overflow in uuxqt, part of the UUCP package on SCO systems, can allow an intruder to gain elevated privileges. Description SCO UnixWare 7 ships with a utility package called UUCP. The UUCP package allows for the copying of files between different UNIX systems and the sending of...

SCO UnixWare bnuconvert contains buffer overflow via long string of characters sent as command line argument

Overview A buffer overflow in bnuconvert, part of the UUCP package on SCO systems, can allow an intruder to gain elevated privileges. Description SCO UnixWare 7 ships with a utility package called UUCP. The UUCP package allows for the copying of files between different UNIX systems and the sendin...

SCO UnixWare uucico contains buffer overflow via long string of characters sent as command line argument

Overview A buffer overflow in uucico, part of the UUCP package on SCO systems, can allow an intruder to gain elevated privileges. Description SCO UnixWare 7 ships with a utility package called UUCP. The UUCP package allows for the copying of files between different UNIX systems and the sending of...

SCO UnixWare uuxcmd contains buffer overflow via long string of characters sent as command line argument

Overview A buffer overflow in uuxcmd, part of the UUCP package on SCO systems, can allow an intruder to gain elevated privileges. Description SCO UnixWare 7 ships with a utility package called UUCP. The UUCP package allows for the copying of files between different UNIX systems and the sending of...

SCO UnixWare uux contains buffer overflow via long string of characters sent as command line argument

Overview A buffer overflow in uux, part of the UUCP package on SCO systems, can allow an intruder to gain elevated privileges. Description SCO UnixWare 7 ships with a utility package called UUCP. The UUCP package allows for the copying of files between different UNIX systems and the sending of...

Security Update: [CSSA-2001-SCO.6] UnixWare: statd buffer overflow

To: [email protected] [email protected] [email protected] Caldera International, Inc. Security Advisory Subject: UnixWare: statd buffer overflow Advisory number: CSSA-2001-SCO.6 Issue date: 2001 July 2 Cross reference: 1. Problem Description The nfs daemo...

Security Update: [CSSA-2001-SCO.5] UnixWare: packaging tool exploits

To: [email protected] [email protected] [email protected] Caldera International, Inc. Security Advisory Subject: UnixWare: packaging tool exploits Advisory number: CSSA-2001-SCO.5 Issue date: 2001 June 29 Cross reference: 1. Problem Description The...

Security Update: [CSSA-2001-SCO.3] UnixWare - cron buffer overflow

To: [email protected] [email protected] Caldera International, Inc. Security Advisory Subject: UnixWare - cron buffer overflow Advisory number: CSSA-2001-SCO.3 Issue date: 2001 June, 27 Cross reference: 1. Problem Description The cron command is vulnerable to a...

Security Update: [CSSA-2001-SCO.4] UnixWare: uucp utilities buffer overflows

To: [email protected] [email protected] Caldera International, Inc. Security Advisory Subject: UnixWare - uucp utilities buffer overflows Advisory number: CSSA-2001-SCO.4 Issue date: 2001 June, 27 Cross reference: 1. Problem Description The uucp utilities are...

Security Update: [CSSA-2001-SCO.2] UnixWare - su buffer overflow

To: [email protected] [email protected] Caldera International, Inc. Security Advisory Subject: UnixWare - su buffer overflow Advisory number: CSSA-2001-SCO.2 Issue date: 2001 June, 26 Cross reference: 1. Problem Description The su command is vulnerable to a comman...