SCO OpenServer vulnerable to privilege escalation in 'scosession' argument handling

Overview A vulnerability in a program supplied with the SCO OpenServer operating system may allow local attackers to gain elevated privileges. Description SCO OpenServer is a UNIX-like operating system for Intel and AMD platforms. The 'scosession' session handling component, which is responsible...

CVE-2003-1021

The CVE-2003-1021 issue affects SCO OpenServer 5.0.6 and 5.0.7 where the scosession program mishandles command-line strings, allowing a local authenticated attacker to gain elevated privileges. The vulnerability lies in scosession’s command-line argument handling, enabling privilege escalation on...

[Full-Disclosure] OpenServer 5.0.6 OpenServer 5.0.7 : scosessoin local privilege elevation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SCO Security Advisory Subject: OpenServer 5.0.6 OpenServer 5.0.7 : scosessoin local privilege elevation Advisory number: SCOSA-2005.5 Issue date: 2005 January 25 Cross reference: sr886719 fz528461 erg712476 CAN-2003-1021 1. Problem Description A probl...

sco_local_exploit.txt

Greetings, More SCO 5.0.x exploits, this time for scosession and scoterm. You'll only get egid=2bin out of scosession, but root for scoterm. Brock Tellier UNIX Systems Administrator Webley Systems www.webley.com --- scosessionx.c --- / SCO 5.0.x scosession local bin exploit sgid bin Will set...