Filtered by vendor Sco Subscriptions
Filtered by product Unixware Subscriptions
Total 66 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2002-1998 1 Sco 2 Open Unix, Unixware 2024-09-17 N/A
Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows remote attackers to execute arbitrary commands via a long parameter to rtable_create (procedure 21).
CVE-2001-1579 1 Sco 2 Open Unix, Unixware 2024-09-16 N/A
The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not properly terminate certain strings with a null, which allows remote attackers to cause a denial of service.
CVE-2000-1014 1 Sco 1 Unixware 2024-08-08 N/A
Format string vulnerability in the search97.cgi CGI script in SCO help http server for Unixware 7 allows remote attackers to execute arbitrary commands via format characters in the queryText parameter.
CVE-2000-0842 1 Sco 1 Unixware 2024-08-08 N/A
The search97cgi/vtopic" in the UnixWare 7 scohelphttp webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack.
CVE-2000-0348 1 Sco 1 Unixware 2024-08-08 N/A
A vulnerability in the Sendmail configuration file sendmail.cf as installed in SCO UnixWare 7.1.0 and earlier allows an attacker to gain root privileges.
CVE-2000-0349 1 Sco 1 Unixware 2024-08-08 N/A
Vulnerability in the passthru driver in SCO UnixWare 7.1.0 allows an attacker to cause a denial of service.
CVE-2000-0351 1 Sco 1 Unixware 2024-08-08 N/A
Some packaging commands in SCO UnixWare 7.1.0 have insecure privileges, which allows local users to add or remove software packages.
CVE-2000-0308 2 Netscape, Sco 4 Enterprise Server, Fasttrack Server, Proxy Server and 1 more 2024-08-08 N/A
Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3 allow an attacker to gain root privileges.
CVE-2000-0307 1 Sco 3 Open Desktop, Openserver, Unixware 2024-08-08 N/A
Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and earlier allows an attacker to cause a denial of service which prevents access to reserved port numbers below 1024.
CVE-2000-0224 1 Sco 1 Unixware 2024-08-08 N/A
ARCserve agent in SCO UnixWare 7.x allows local attackers to gain root privileges via a symlink attack.
CVE-2000-0215 1 Sco 1 Unixware 2024-08-08 N/A
Vulnerability in SCO cu program in UnixWare 7.x allows local users to gain privileges.
CVE-2000-0099 1 Sco 1 Unixware 2024-08-08 N/A
Buffer overflow in UnixWare ppptalk command allows local users to gain privileges via a long prompt argument.
CVE-2000-0154 1 Sco 1 Unixware 2024-08-08 N/A
The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack.
CVE-2000-0173 1 Sco 1 Unixware 2024-08-08 N/A
Vulnerability in the EELS system in SCO UnixWare 7.1.x allows remote attackers to cause a denial of service.
CVE-2000-0130 1 Sco 1 Unixware 2024-08-08 N/A
Buffer overflow in SCO scohelp program allows remote attackers to execute commands.
CVE-2000-0003 1 Sco 1 Unixware 2024-08-08 N/A
Buffer overflow in UnixWare rtpm program allows local users to gain privileges via a long environmental variable.
CVE-2000-0029 1 Sco 1 Unixware 2024-08-08 N/A
UnixWare pis and mkpis commands allow local users to gain privileges via a symlink attack.
CVE-2000-0026 2 Sco, Windowmaker 2 Unixware, Wmmon 2024-08-08 N/A
Buffer overflow in UnixWare i2odialogd daemon allows remote attackers to gain root access via a long username/password authorization string.
CVE-2002-1323 5 Redhat, Safe.pm, Sco and 2 more 10 Enterprise Linux, Linux, Linux Advanced Workstation and 7 more 2024-08-08 N/A
Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.
CVE-2003-0937 1 Sco 2 Open Unix, Unixware 2024-08-08 N/A
SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to bypass protections for the "as" address space file for a process ID (PID) by obtaining a procfs file descriptor for the file and calling execve() on a setuid or setgid program, which leaves the descriptor open to the user.