Unixware@7.1.1 Security Vulnerabilities and Issues — Unixware@7.1.1 CVE List

Lucene search

ScoUnixware7.1.1

17 matches found

CVE•added 2005/01/10 5:0 a.m.•78 views

CVE-2004-0996

main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.

2.1CVSS6AI score0.00393EPSS

CVE•added 2003/12/15 5:0 a.m.•58 views

CVE-2003-0914

ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.

4.3CVSS6.2AI score0.19846EPSS

CVE•added 2003/12/01 5:0 a.m.•54 views

CVE-2003-0834

Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME.

7.2CVSS7.1AI score0.00628EPSS

CVE•added 2003/12/15 5:0 a.m.•53 views

CVE-2003-0937

SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to bypass protections for the "as" address space file for a process ID (PID) by obtaining a procfs file descriptor for the file and calling execve() on a setuid or setgid program, which leaves the descriptor open to the user.

4.6CVSS6.4AI score0.00089EPSS

CVE•added 2000/02/04 5:0 a.m.•48 views

CVE-1999-0988

UnixWare pkgtrans allows local users to read arbitrary files via a symlink attack.

7.2CVSS6.7AI score0.00187EPSS

CVE•added 2005/01/19 5:0 a.m.•48 views

CVE-2004-1039

The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, when run from inetd, allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests, which causes inetd to launch a separate process for each request.

5CVSS6.8AI score0.00763EPSS

CVE•added 2000/06/02 4:0 a.m.•45 views

CVE-1999-0836

UnixWare uidadmin allows local users to modify arbitrary files via a symlink attack.

10CVSS7.1AI score0.01565EPSS

CVE•added 2000/06/02 4:0 a.m.•41 views

CVE-1999-0864

UnixWare programs that dump core allow a local user to modify files via a symlink attack on the ./core.pid file.

7.2CVSS6.6AI score0.00241EPSS

CVE•added 2000/04/11 4:0 a.m.•40 views

CVE-1999-0979

The SCO UnixWare privileged process system allows local users to gain root privileges by using a debugger such as gdb to insert traps into _init before the privileged process is executed.

7.2CVSS6.9AI score0.00243EPSS

CVE•added 2000/04/10 4:0 a.m.•37 views

CVE-2000-0215

Vulnerability in SCO cu program in UnixWare 7.x allows local users to gain privileges.

7.2CVSS6.9AI score0.00081EPSS

CVE•added 2005/01/29 5:0 a.m.•37 views

CVE-2004-1124

Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the chroot jail and conduct unauthorized activities.

4.6CVSS6.3AI score0.00103EPSS

CVE•added 2000/06/02 4:0 a.m.•34 views

CVE-1999-0866

Buffer overflow in UnixWare xauto program allows local users to gain root privilege.

7.2CVSS7.2AI score0.00237EPSS

CVE•added 2000/02/23 5:0 a.m.•34 views

CVE-2000-0154

The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack.

1.2CVSS6.8AI score0.00289EPSS

CVE•added 2005/07/14 4:0 a.m.•34 views

CVE-2002-1998

Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows remote attackers to execute arbitrary commands via a long parameter to rtable_create (procedure 21).

7.5CVSS8.2AI score0.02523EPSS

CVE•added 2005/05/18 4:0 a.m.•34 views

CVE-2005-0134

The X server in SCO UnixWare 7.1.1, 7.1.3, and 7.1.4 does not properly create socket directories in /tmp, which could allow attackers to hijack local sockets.

4.6CVSS6.8AI score0.00066EPSS

CVE•added 2000/03/22 5:0 a.m.•32 views

CVE-2000-0173

Vulnerability in the EELS system in SCO UnixWare 7.1.x allows remote attackers to cause a denial of service.

5CVSS7AI score0.00655EPSS

CVE•added 2000/04/10 4:0 a.m.•32 views

CVE-2000-0224

ARCserve agent in SCO UnixWare 7.x allows local attackers to gain root privileges via a symlink attack.

1.2CVSS7AI score0.00254EPSS