418 matches found
CVE-2000-0349
Vulnerability in the passthru driver in SCO UnixWare 7.1.0 allows an attacker to cause a denial of service...
CVE-2000-1014
Format string vulnerability in the search97.cgi CGI script in SCO help http server for Unixware 7 allows remote attackers to execute arbitrary commands via format characters in the queryText parameter...
CVE-2000-1014
The CVE-2000-1014 entry concerns a format string vulnerability in the search97.cgi CGI script of the SCO help HTTP server for Unixware 7 . The flaw allows remote attackers to execute arbitrary commands through format string characters supplied in the queryText parameter, enabling potential remote...
CVE-2000-0842
The search97cgi/vtopic" in the UnixWare 7 scohelphttp webserver allows remote attackers to read arbitrary files via a .. dot dot attack...
Cyberguard FW Silliness
Hey guys, Not an extremely huge issue, however one I think worth noting. Cyberguard claims that their FW software runs atop 'hardened' versions of SCO/Unixware comes bundled w/ the FW package. However, on a default installation of the latest version of the Cyberguard FW on SCO, there are a number...
CVE-2000-0842
CVE-2000-0842 affects the UnixWare 7 scohelphttp webserver. The vulnerability is in the search97cgi/vtopic component, where a path traversal via a .. (dot dot) attack could allow remote attackers to read arbitrary files. The available connected sources (NVD, CVE listings) confirm the affected pro...
CVE-2000-0842
The search97cgi/vtopic" in the UnixWare 7 scohelphttp webserver allows remote attackers to read arbitrary files via a .. dot dot attack...
CVE-1999-0942
UnixWare dos7utils allows a local user to gain root privileges by using the STATICMERGE environmental variable to find a script which it executes...
CVE-1999-0942
UnixWare dos7utils is affected by CVE-1999-0942. A local user can gain root privileges by using the STATICMERGE environment variable to locate and execute a script. The vulnerability is triggered by how STATICMERGE is resolved and used by the utility, enabling privilege escalation. Affected versi...
Unixware SCOhelp http server format string vulnerability
CORE SDI Inc. http://www.core-sdi.com Unixware SCOhelp http server format string vulnerability Date Published: 09/27/00 Advisory ID: CORE-092700 Bugtraq ID: 1717 CVE CAN: None currently assigned. Title: Unixware SCOhelp http server format string vulnerability Class: Input validation error Remotel...
Дырка в scohelphttp (Unixware 7)
Обратный путь в директориях позволяет получить любой файл с сервера...
Unixware 7.0 - SCOhelp HTTP Server Format String
Unixware 7.0 - SCOhelp HTTP Server Format String source: https://www.securityfocus.com/bid/1717/info SCO Unixware 7 default installation includes scohelp, an http server that listens on port 457/tcp and allows access to manual pages and other documentation files. The search CGI script provided fo...
Unixware 7.0 - SCOhelp HTTP Server Format String
source: https://www.securityfocus.com/bid/1717/info SCO Unixware 7 default installation includes scohelp, an http server that listens on port 457/tcp and allows access to manual pages and other documentation files. The search CGI script provided for that purpose has a vulnerability that could all...
Advisory: Tridia DoubleVision / SCO UnixWare
Security Advisory: SCO UnixWare 7 / Double Vision local root exploit By: Stephen J. Friedl, Software Consultant [email protected] Date: 2000-09-16 discovered late June 2000 Short Summary: The "Double Vision" product for SCO UnixWare has a buffer overflow vulnerabilty that allows any local user to...
SCO scohelhttp documentation webserver exposes local files
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ====================================================================== Defcom Labs Advisory def-2000-01 UnixWare 7 scohelphttp exposes local files Author: Olle Segerdahl [email protected] Release Date: 2000-09-11...
Tridia DoubleVision 3.0 7.00 - Local Privilege Escalation
// source: https://www.securityfocus.com/bid/1697/info A utility integral to Tridia DoubleVision for SCO UnixWare 7.x has been found to be vulnerable to a buffer overflow attack. dvtermtype, which is setuid root, is run by a user at login time to tell DoubleVision what terminal translations to us...
Tridia DoubleVision 3.0 7.00 - Local Privilege Escalation
Tridia DoubleVision 3.0 7.00 - Local Privilege Escalation // source: https://www.securityfocus.com/bid/1697/info A utility integral to Tridia DoubleVision for SCO UnixWare 7.x has been found to be vulnerable to a buffer overflow attack. dvtermtype, which is setuid root, is run by a user at login...
CVE-1999-0866
Buffer overflow in UnixWare xauto program allows local users to gain root privilege...
CVE-1999-0836
UnixWare uidadmin allows local users to modify arbitrary files via a symlink attack...
CVE-1999-0864
UnixWare programs that dump core allow a local user to modify files via a symlink attack on the ./core.pid file...