unixware.xlock.txt

-----Original Message----- Date: Fri, 26 Nov 1999 04:29:42 +0300 MSK From: Matt Conover To: [email protected] Subject: w00giving '99 7: UnixWare 7's xlock Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII w00w00 Security Development WSD...

unixware.Xsco.txt

-----Original Message----- Date: Fri, 26 Nov 1999 04:27:16 +0300 MSK From: Matt Conover To: [email protected] Subject: w00giving '99 6: UnixWare 7's Xsco Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII w00w00 Security Development WSD...

SCO Unixware 7.07.0.17.1 - Xsco Buffer Overflow

SCO Unixware 7.07.0.17.1 - Xsco Buffer Overflow // source: https://www.securityfocus.com/bid/824/info Under certain versions of Unixware, the SUID program Xsco is vulnerable to a buffer overflow attack. The problem lies in that Xsco does not sanity check user supplied data. // UnixWare7...

SCO Unixware 7.0 - xlock(1) Username Local Buffer Overflow

SCO Unixware 7.0 - xlock1 Username Local Buffer Overflow // source: https://www.securityfocus.com/bid/825/info Certain versions of Unixware ship with a version of xlock which is vulnerable to a buffer overflow attack. The xlock1 program locks the local X display until a username and password are...

SCO Unixware 7.0/7.0.1/7.1 - Xsco Buffer Overflow

// source: https://www.securityfocus.com/bid/824/info Under certain versions of Unixware, the SUID program Xsco is vulnerable to a buffer overflow attack. The problem lies in that Xsco does not sanity check user supplied data. // UnixWare7 /usr/X/bin/Xsco local, K2/cheez // // Xsco produces some...

SCO Unixware 7.0 - 'xlock(1)' 'Username' Local Buffer Overflow

// source: https://www.securityfocus.com/bid/825/info Certain versions of Unixware ship with a version of xlock which is vulnerable to a buffer overflow attack. The xlock1 program locks the local X display until a username and password are entered. In this instance a user can provide an overly lo...

unix7.var-sadm.txt

w00w00 Security Development WSD http://www.w00w00.org/advisories.html --------------------------------------------------------------------------- Relocation of w00w00.org: After being relocated, http://www.w00w00.org is up and running. Although we are using an old backup of the site off the mirro...

CVE-1999-0830

Buffer overflow in SCO UnixWare Xsco command via a long argument...

PT-1999-1384 · Sco · Sco Unixware

Name of the Vulnerable Software and Affected Versions: SCO UnixWare affected versions not specified Description: A buffer overflow issue exists in the Xsco command of SCO UnixWare due to its inability to handle long arguments properly. Recommendations: At the moment, there is no information about...

SCO Unixware 2.1/7.0/7.0.1/7.1/7.1.1 - su(1) Buffer Overflow

// source: https://www.securityfocus.com/bid/826/info Certain versions of Unixware ship with a version of su1 which is vulnerable to a buffer overflow attack. This attack is possible because su1 fails to sanity check user supplied data, in this instance a username supplied on the command line...

SCO Unixware 2.17.07.0.17.17.1.1 - su(1) Buffer Overflow

SCO Unixware 2.17.07.0.17.17.1.1 - su1 Buffer Overflow // source: https://www.securityfocus.com/bid/826/info Certain versions of Unixware ship with a version of su1 which is vulnerable to a buffer overflow attack. This attack is possible because su1 fails to sanity check user supplied data, in th...

CVE-1999-0942

UnixWare dos7utils allows a local user to gain root privileges by using the STATICMERGE environmental variable to find a script which it executes...

PT-1999-1480 · Unixware · Dos7Utils

Name of the Vulnerable Software and Affected Versions: UnixWare dos7utils affected versions not specified Description: The issue allows a local user to gain root privileges by utilizing the STATICMERGE environmental variable. This variable is used to find a script that is then executed, potential...

CVE-1999-1450

Vulnerability in 1 rlogin daemon rshd and 2 scheme on SCO UNIX OpenServer 5.0.5 and earlier, and SCO UnixWare 7.0.1 and earlier, allows remote attackers to gain privileges...

CVE-1999-0836

UnixWare uidadmin allows local users to modify arbitrary files via a symlink attack...

SCO Unixware 7.07.0.17.17.1.1 - uidadmin Local Privilege Escalation

SCO Unixware 7.07.0.17.17.1.1 - uidadmin Local Privilege Escalation source: https://www.securityfocus.com/bid/842/info Certain versions of SCO Unixware ship with an exploitable version of the /usr/bin/uidadmin program. The problem lies in that 'uidadmin' runs with root privileges and performs...

SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'uidadmin' Local Privilege Escalation

source: https://www.securityfocus.com/bid/842/info Certain versions of SCO Unixware ship with an exploitable version of the /usr/bin/uidadmin program. The problem lies in that 'uidadmin' runs with root privileges and performs insecure writes to a scratch directory /tmp/ in this instance. A...

CVE-1999-1252

Vulnerability in a certain system call in SCO UnixWare 2.0.x and 2.1.0 allows local users to access arbitrary files and gain root privileges...