Openserver@5.0.5 Security Vulnerabilities and Issues — Openserver@5.0.5 CVE List

Lucene search

ScoOpenserver5.0.5

15 matches found

CVE•added 2002/06/25 4:0 a.m.•153 views

CVE-2001-0797

Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.

10CVSS7.4AI score0.88625EPSS

CVE•added 1999/09/29 4:0 a.m.•116 views

CVE-1999-0368

Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.

10CVSS6.7AI score0.48326EPSS

CVE•added 2000/02/16 5:0 a.m.•112 views

CVE-2000-0147

snmpd in SCO OpenServer has an SNMP community string that is writable by default, which allows local attackers to modify the host's configuration.

2.1CVSS7.4AI score0.0013EPSS

CVE•added 2005/04/14 4:0 a.m.•49 views

CVE-2004-0390

SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style access control when users log in using scologin, which allows remote attackers to gain unauthorized access to an X session via other X login methods.

7.5CVSS7.3AI score0.03359EPSS

CVE•added 2006/01/04 12:3 a.m.•47 views

CVE-2006-0072

Buffer overflow in termsh on SCO OpenServer 5.0.7 allows remote attackers to execute arbitrary code via a long -o command line argument. NOTE: this is probably a different vulnerability than CVE-2005-0351 since it involves a distinct attack vector.

7.5CVSS7.9AI score0.05386EPSS

CVE•added 2002/10/15 4:0 a.m.•44 views

CVE-1999-1571

Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5 may allow local users to gain root privileges via a long -f parameter, a different vulnerability than CVE-1999-1570.

7.2CVSS7.3AI score0.00099EPSS

CVE•added 2004/09/01 4:0 a.m.•44 views

CVE-2002-1199

The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.

5CVSS6.5AI score0.02144EPSS

CVE•added 2003/11/17 5:0 a.m.•43 views

CVE-2003-0872

Certain scripts in OpenServer before 5.0.6 allow local users to overwrite files and conduct other unauthorized activities via a symlink attack on temporary files.

2.1CVSS6.3AI score0.00097EPSS

CVE•added 2005/07/14 4:0 a.m.•41 views

CVE-2001-1508

Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a allows local users to execute arbitrary code as group bin via a long command line argument.

4.6CVSS7.5AI score0.00103EPSS

CVE•added 2003/10/06 4:0 a.m.•41 views

CVE-2003-0742

SCO Internet Manager (mana) allows local users to execute arbitrary programs by setting the REMOTE_ADDR environment variable to cause menu.mana to run as if it were called from ncsa_httpd, then modifying the PATH environment variable to point to a malicious "hostname" program.

7.2CVSS7AI score0.00181EPSS

CVE•added 2002/03/09 5:0 a.m.•40 views

CVE-2001-0627

vi as included with SCO OpenServer 5.0 - 5.0.6 allows a local attacker to overwrite arbitrary files via a symlink attack.

3.7CVSS6.4AI score0.00117EPSS

CVE•added 2000/10/13 4:0 a.m.•39 views

CVE-1999-0697

SCO Doctor allows local users to gain root privileges through a Tools option.

7.2CVSS7AI score0.00081EPSS

CVE•added 2000/02/23 5:0 a.m.•38 views

CVE-2000-0158

Buffer overflow in MMDF server allows remote attackers to gain privileges via a long MAIL FROM command to the SMTP daemon.

7.5CVSS7.7AI score0.00867EPSS

CVE•added 2002/06/25 4:0 a.m.•38 views

CVE-2001-0896

Inetd in OpenServer 5.0.5 allows remote attackers to cause a denial of service (crash) via a port scan, e.g. with nmap -PO.

5CVSS7AI score0.00763EPSS

CVE•added 2003/04/02 5:0 a.m.•36 views

CVE-2002-0716

Format string vulnerability in crontab for SCO OpenServer 5.0.5 and 5.0.6 allows local users to gain privileges via format string specifiers in the file name argument.

7.2CVSS7AI score0.00082EPSS