Unixware Security Vulnerabilities and Issues — Unixware CVE List

Lucene search

CalderaUnixware

6 matches found

CVE•added 2003/04/02 5:0 a.m.•61 views

CVE-2002-0678

CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.

7.2CVSS6.2AI score0.0043EPSS

CVE•added 2003/04/02 5:0 a.m.•50 views

CVE-2002-0679

Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.

10CVSS7.9AI score0.70866EPSS

CVE•added 2003/04/02 5:0 a.m.•38 views

CVE-2002-0987

X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1 does not drop privileges before calling programs such as xkbcomp using popen, which could allow local users to gain privileges.

7.2CVSS7AI score0.00146EPSS

CVE•added 2003/04/02 5:0 a.m.•37 views

CVE-2002-0988

Buffer overflow in X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1, possibly related to XBM/xkbcomp capabilities.

10CVSS7.3AI score0.00604EPSS

CVE•added 2003/04/02 5:0 a.m.•36 views

CVE-2002-0981

Buffer overflow in ndcfg command for UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to execute arbitrary code via a long command line.

7.2CVSS7.6AI score0.00058EPSS

CVE•added 2003/04/02 5:0 a.m.•33 views

CVE-2002-0246

Format string vulnerability in the message catalog library functions in UnixWare 7.1.1 allows local users to gain privileges by modifying the LC_MESSAGE environment variable to read other message catalogs containing format strings from setuid programs such as vxprint.

7.2CVSS6.8AI score0.00205EPSS