CVE-2000-0154

The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack...

CVE-2000-0154

The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack...

CVE-2000-0224

ARCserve agent in SCO UnixWare 7.x allows local attackers to gain root privileges via a symlink attack...

SCO Unixware 7.17.1.1 - ARCserver tmp Symlink

SCO Unixware 7.17.1.1 - ARCserver tmp Symlink source: https://www.securityfocus.com/bid/988/info A symlink following vulnerability exists in the ARCserve agent, as shipped with SCO Unixware 7. Upon startup, the asagent program will create several files in /tmp. These are created mode 777, and can...

SCO Unixware 7.1/7.1.1 - ARCserver /tmp Symlink

source: https://www.securityfocus.com/bid/988/info A symlink following vulnerability exists in the ARCserve agent, as shipped with SCO Unixware 7. Upon startup, the asagent program will create several files in /tmp. These are created mode 777, and can be removed and replaced by any user on the...

CVE-2000-0215

Vulnerability in SCO cu program in UnixWare 7.x allows local users to gain privileges...

CVE-1999-0988

UnixWare pkgtrans allows local users to read arbitrary files via a symlink attack...

CVE-1999-0828

UnixWare pkg commands such as pkginfo, pkgcat, and pkgparam allow local users to read arbitrary files via the dacread permission...

CVE-1999-0830

Buffer overflow in SCO UnixWare Xsco command via a long argument...

CVE-1999-0825

The default permissions for UnixWare /var/mail allow local users to read and modify other users' mail...

CVE-1999-0988

The CVE-1999-0988 entry describes a local-file read vulnerability in UnixWare pkgtrans where a symlink attack allows a local user to read arbitrary files. Affected component: UnixWare pkgtrans (local-exploit path). Root cause: symlink race enabling leakage of file contents. Impact: Confidentialit...

CVE-1999-0830

Affects SCO UnixWare Xsco command; vulnerability is a buffer overflow caused by mishandling long arguments. The PT-1999-1384 entry specifies SCO UnixWare as affected and notes that details on the exact affected versions are not provided and that there is no information about a fix in newer versio...

CVE-1999-0825

CVE-1999-0825 affects UnixWare: default permissions on /var/mail allow local users to read and modify other users’ mail, risking partial confidentiality and integrity (CVSSv2: 3.6/6.0, LOCAL). The connected documents do not provide explicit exploitation details or remediation steps; no affected v...

CVE-1999-0828

CVE-1999-0828 affects UnixWare pkg commands (pkginfo, pkgcat, pkgparam); local users can read arbitrary files via the dacread permission. The provided sources state the vulnerability and impact (partial confidentiality/integrity) but do not include explicit exploit details or a remediation. No ad...

CVE-2000-0099

Buffer overflow in UnixWare ppptalk command allows local users to gain privileges via a long prompt argument...

CVE-1999-0979

The SCO UnixWare privileged process system allows local users to gain root privileges by using a debugger such as gdb to insert traps into init before the privileged process is executed...

CVE-1999-0979

The vulnerability CVE-1999-0979 affects the SCO UnixWare privileged process system. Local users can gain root privileges by using a debugger (e.g., gdb) to insert traps into _init before the privileged process runs. The issue is triggered through manipulating the startup path of the privileged in...

fastrack.remote.txt

Greetings, OVERVIEW A vulnerability in Netscape FastTrack 2.01a will allow any remote user to execute commands as the user running the httpd daemon probably nobody. This service is running by default on a standard UnixWare 7.1 installation. BACKGROUND I've only tested the version of Netscape...

CVE-1999-1307

Vulnerability in urestore in Novell UnixWare 1.1 allows local users to gain root privileges...

Netscape FastTrack Server 2.0.1a - GET Buffer Overflow

Netscape FastTrack Server 2.0.1a - GET Buffer Overflow // source: https://www.securityfocus.com/bid/908/info The version of Netscape FastTrack server that ships with UnixWare 7.1 is vulnerable to a remote buffer overlow. By default, the httpd listens on port 457 of the UnixWare host and serves...