SCO Unixware 7.0/7.0.1/7.1/7.1.1 'uidadmin' Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/842/info Certain versions of SCO Unixware ship with an exploitable version of the /usr/bin/uidadmin program. The problem lies in that 'uidadmin' runs with root privileges and performs insecure writes to a scratch director...

SCO UnixWare < 7.1.4 p534589 (pkgadd) Local Root Exploit

No description provided by source. !/bin/ksh 04/2008: public release SCO UnixWare 7.1.4 p534589 if id -un = 'root' ; then grep -v $1-root$ /var/adm/sulog su.log cp su.def /etc/default/su cp su.log /var/adm/sulog rm -f su.def su.log woot.log else echo ------------------------------------ echo...

CVE-2009-1552

Unspecified vulnerability in the IGMP driver in SCO Unixware Release 7.1.4 Maintenance Pack 4 allows attackers to cause a denial of service system panic via unspecified vectors...

Code injection

Unspecified vulnerability in the IGMP driver in SCO Unixware Release 7.1.4 Maintenance Pack 4 allows attackers to cause a denial of service system panic via unspecified vectors...

CVE-2009-1552

Unspecified vulnerability in the IGMP driver in SCO Unixware Release 7.1.4 Maintenance Pack 4 allows attackers to cause a denial of service system panic via unspecified vectors...

CVE-2009-1552

CVE-2009-1552 pertains to an unspecified vulnerability in the IGMP driver of SCO Unixware Release 7.1.4 Maintenance Pack 4. The effective impact is a denial of service resulting in a system panic, as described in multiple sources (NVD entry and related records). The available documents do not spe...

Design/Logic Flaw

Merge mcd in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges via a crafted -d argument that contains .. dot dot sequences that point to a directory containing a file whose name includes shell metacharacters...

CVE-2008-6559

Merge mcd in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges via a crafted -d argument that contains .. dot dot sequences that point to a directory containing a file whose name includes shell metacharacters...

Design/Logic Flaw

Untrusted search path vulnerability in 1 hvdisp and 2 rcvm in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges by modifying the RELIANTPATH environment variable to point to a malicious bin/hvenv program...

CVE-2008-6559

The CVE-2008-6559 entry details a local privilege-escalation in ReliantHA 1.1.4 running on SCO UnixWare 7.1.4. The vulnerability arises when a crafted -d argument contains .. sequences that resolve to a directory containing a file whose name includes shell metacharacters, enabling local users to ...

CVE-2008-6558

Untrusted search path vulnerability in ReliantHA 1.1.4 (SCO UnixWare 7.1.4) affects hvdisp and rcvm. Local users can gain root privileges by setting RELIANT_PATH to a malicious bin/hvenv, exploiting an untrusted PATH search. Affected components: RELIANT_PATH environment variable usage in hvdisp/r...

Unixware utilities buffer overflow

No description provided by source. / 04/2008: public release I have'nt seen any advisory on this; possibly still not fixed. SCO UnixWare Reliant HA Local Root Exploit By qaaz / include stdio.h include stdlib.h include string.h include unistd.h include errno.h include fcntl.h define TGT1...

UnixWare Merge mcd Local Root Exploit

No description provided by source. / 04/2008: public release I have'nt seen any advisory on this; possibly still not fixed. SCO UnixWare Merge mcd Local Root Exploit By qaaz / include stdio.h include stdlib.h include string.h include unistd.h include errno.h include sys/stat.h define TARGET...

[EXPL] SCO UnixWare Merge mcd Local Root &#40;Exploit&#41;

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

Unixware utilities buffer overflow

Buffer overflows in suid utilities /usr/lib/merge/mcd /usr/opt/reliant/bin/hvdisp /usr/opt/reliant/bin/rcvm...

[EXPL] SCO UnixWare Reliant HA Local Root &#40;Exploit&#41;

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

SCO UnixWare pkgadd本地权限提升漏洞

BUGTRAQ ID: 28236 CVECAN ID: CVE-2008-0310 UnixWare是由SCO公司开发和维护的商业性质Unix操作系统。 SCO UnixWare在处理环境变量时存在漏洞，本地攻击者可能利用此漏洞提升自己的权限。 SCO UnixWare的pkgadd命令没有正确地过滤某个环境变量，如果本地用户在该命令中使用了目录遍历序列（如“../”）的话，就可以覆盖系统文件，获得权限提升。 SCO Unixware 7.1.4 SCO --- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

Directory traversal

Directory traversal vulnerability in pkgadd in SCO UnixWare 7.1.4 before p534589 allows local users to create or append to arbitrary files via ".." sequences in an unspecified environment variable, probably PKGINST...

CVE-2008-0310

Directory traversal vulnerability in pkgadd in SCO UnixWare 7.1.4 before p534589 allows local users to create or append to arbitrary files via ".." sequences in an unspecified environment variable, probably PKGINST...

CVE-2008-0310

CVE-2008-0310 describes a local privilege escalation in SCO UnixWare 7.1.4 before patch p534589. The vulnerability lies in the pkgadd command, which improperly handles an environment variable (likely PKGINST) during package installation, allowing a local user to traverse directories using ".." se...