Unixware@7.1.3 Security Vulnerabilities and Issues — Unixware@7.1.3 CVE List

Lucene search

ScoUnixware7.1.3

13 matches found

CVE•added 2005/01/10 5:0 a.m.•77 views

CVE-2004-0996

main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.

2.1CVSS6AI score0.00393EPSS

CVE•added 2005/03/08 5:0 a.m.•76 views

CVE-2005-0109

Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys,...

5.6CVSS5.4AI score0.00143EPSS

CVE•added 2004/09/01 4:0 a.m.•54 views

CVE-2002-1323

Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.

4.6CVSS6.2AI score0.00082EPSS

CVE•added 2003/12/01 5:0 a.m.•54 views

CVE-2003-0834

Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME.

7.2CVSS7.1AI score0.00628EPSS

CVE•added 2003/12/15 5:0 a.m.•53 views

CVE-2003-0937

SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to bypass protections for the "as" address space file for a process ID (PID) by obtaining a procfs file descriptor for the file and calling execve() on a setuid or setgid program, which leaves the descriptor open to the user.

4.6CVSS6.4AI score0.00089EPSS

CVE•added 2003/10/20 4:0 a.m.•50 views

CVE-2003-0658

Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules.

5CVSS7.1AI score0.00556EPSS

CVE•added 2005/01/19 5:0 a.m.•48 views

CVE-2004-1039

The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, when run from inetd, allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests, which causes inetd to launch a separate process for each request.

5CVSS6.8AI score0.00763EPSS

CVE•added 2005/10/25 4:2 p.m.•48 views

CVE-2005-2927

Stack-based buffer overflow in ppp in SCO Unixware 7.1.3 and 7.1.4, and possibly earlier versions, allows local users to execute arbitrary code via a long argument to the (1) prompt or (2) defprompt command.

7.2CVSS7.7AI score0.00096EPSS

CVE•added 2005/12/14 11:3 a.m.•45 views

CVE-2005-3903

Buffer overflow in uidadmin in SCO Unixware 7.1.3 and 7.1.4 allows local users to execute arbitrary code via a -S (scheme) argument that specifies a large file, a different vulnerability than CVE-2001-1063.

4.6CVSS7.5AI score0.002EPSS

CVE•added 2006/09/09 12:4 a.m.•41 views

CVE-2006-4655

Buffer overflow in the Strcmp function in the XKEYBOARD extension in X Window System X11R6.4 and earlier, as used in SCO UnixWare 7.1.3 and Sun Solaris 8 through 10, allows local users to gain privileges via a long _XKB_CHARSET environment variable value.

4.6CVSS6.8AI score0.00498EPSS

CVE•added 2006/02/24 1:0 a.m.•38 views

CVE-2005-2934

Unspecified vulnerability in ptrace in SCO UnixWare 7.1.3 and 7.1.4 allows local users to gain privileges via unspecified vectors.

7.2CVSS6.5AI score0.00539EPSS

CVE•added 2005/01/29 5:0 a.m.•37 views

CVE-2004-1124

Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the chroot jail and conduct unauthorized activities.

4.6CVSS6.3AI score0.00103EPSS

CVE•added 2005/05/18 4:0 a.m.•34 views

CVE-2005-0134

The X server in SCO UnixWare 7.1.1, 7.1.3, and 7.1.4 does not properly create socket directories in /tmp, which could allow attackers to hijack local sockets.

4.6CVSS6.8AI score0.00066EPSS