Security Update: [CSSA-2002-SCO.21] OpenServer 5.0.5 OpenServer 5.0.6 : sort command creates temporary files insecurely

To: [email protected] [email protected] [email protected] Caldera International, Inc. Security Advisory Subject: OpenServer 5.0.5 OpenServer 5.0.6 : sort command creates temporary files insecurely Advisory number: CSSA-2002-SCO.21 Issue date: 2002 May 28 Cross reference: 1...

Buffer overflow in Caldera OpenServer sar

Buffer overflow in -o command line option...

Security Update: [CSSA-2002-SCO.17] OpenServer 5.0.5 : sar -o buffer overflow

To: [email protected] [email protected] [email protected] Caldera International, Inc. Security Advisory Subject: OpenServer 5.0.5 : sar -o buffer overflow Advisory number: CSSA-2002-SCO.17 Issue date: 2002 May 01 Cross reference: 1. Problem Description If the /usr/bin/sar...

CVE-1999-1570

Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain root privileges via a long -o parameter...

CVE-2001-1148

CVE-2001-1148: Multiple buffer overflows in SCO OpenServer 5.0.6a and earlier allow local users to gain privileges via a long TERM environment variable to (atcronsh, auditsh, authsh, backupsh, lpsh, sysadm.menu, or termsh); affected software is SCO OpenServer components used by scoadmin/sysadmsh....

CVE-2001-1148

Multiple buffer overflows in programs used by scoadmin and sysadmsh in SCO OpenServer 5.0.6a and earlier allow local users to gain privileges via a long TERM environment variable to 1 atcronsh, 2 auditsh, 3 authsh, 4 backupsh, 5 lpsh, 6 sysadm.menu, or 7 termsh...

Переполнение буфера в dlvr_audit под OpenServer (buffer overflow)

Классическое переполнение буфера...

Security Update: [CSSA-2002-SCO.8] OpenServer: dlvr_audit: exploitable buffer overflow

To: [email protected] [email protected] [email protected] Caldera International, Inc. Security Advisory Subject: OpenServer: dlvraudit: exploitable buffer overflow Advisory number: CSSA-2002-SCO.8 Issue date: 2002 March 11 Cross reference: 1. Problem Description The dlvraud...

CVE-2001-0627

The CVE cites SCO OpenServer’s vi (5.0.0–5.0.6) as vulnerable: it creates insecure, world-writable temporary files in /tmp with predictable names, allowing a local attacker to exploit a symlink to overwrite arbitrary files writable by the user. The impact is file integrity loss for targeted files...

CVE-2001-0627

vi as included with SCO OpenServer 5.0 - 5.0.6 allows a local attacker to overwrite arbitrary files via a symlink attack...

CVE-1999-1209

Vulnerability in scoterm in SCO OpenServer 5.0 and SCO Open Desktop/Open Server 3.0 allows local users to gain root privileges...

CVE-1999-1209

CVE-1999-1209 describes a local privilege escalation in the “scoterm” component of SCO OpenServer 5.0 and SCO Open Desktop/Open Server 3.0. The vulnerability allows local users to gain root privileges. The Initial Description does not provide concrete details on vulnerable files, exact root cause...

CVE-2001-1508

Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a allows local users to execute arbitrary code as group bin via a long command line argument...

CVE-2001-1578

Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local users to modify critical information such as certain CPU registers and segment descriptors...

Security Update: [CSSA-2001-SCO.38] OpenServer: lpstat buffer overflow

To: [email protected] [email protected] [email protected] Caldera International, Inc. Security Advisory Subject: OpenServer: lpstat buffer overflow Advisory number: CSSA-2001-SCO.38 Issue date: 2001 December 7 Cross reference: sse072 1. Problem Description Even with sse072,...

CVE-2001-0896

Inetd in OpenServer 5.0.5 allows remote attackers to cause a denial of service crash via a port scan, e.g. with nmap -PO...

Security Update: [CSSA-2001-SCO.35] OpenServer: setcontext and sysi86 vulnerabilities

To: [email protected] [email protected] [email protected] Caldera International, Inc. Security Advisory Subject: OpenServer: setcontext and sysi86 vulnerabilities Advisory number: CSSA-2001-SCO.35 Issue date: 2001 November 29 Cross reference: 1. Problem Description This pat...

Переполнения буфера в setcontext и sysi86 под SCO OpenServer (buffer overflow)

No description provided...

Security Update: [CSSA-2001-SCO.25] OpenServer: various scoadmin/sysadm subprograms have buffer overflows

To: [email protected] [email protected] [email protected] [email protected] Do not reply to this mail. This security advisory is being sent from a nonexistent address in order to avoid spam problems. Caldera's contact address for UNIX security issue...

SCO OpenServer/UnixWare vi creates temporary files insecurely

Overview The implementation of vi, a text editor, provided with SCO Openunix creates insecure temporary files with predictable names. Using a symbolic link attack, an intruder can overwrite any file writable by the user of vi. Description vi is a screen-oriented text editor. The implementation...