| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in SCO su program allows local users to gain root access via a long username. |
| Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages. |
| Buffer overflow in UnixWare rtpm program allows local users to gain privileges via a long environmental variable. |
| Buffer overflow in UnixWare i2odialogd daemon allows remote attackers to gain root access via a long username/password authorization string. |
| A vulnerability in the Sendmail configuration file sendmail.cf as installed in SCO UnixWare 7.1.0 and earlier allows an attacker to gain root privileges. |
| Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a allows local users to execute arbitrary code as group bin via a long command line argument. |
| The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not properly terminate certain strings with a null, which allows remote attackers to cause a denial of service. |
| SCO Internet Manager (mana) allows local users to execute arbitrary programs by setting the REMOTE_ADDR environment variable to cause menu.mana to run as if it were called from ncsa_httpd, then modifying the PATH environment variable to point to a malicious "hostname" program. |
| The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed. |
| Buffer overflow in nwprint in SCO OpenServer 5.0.7 allows local users to execute arbitrary code via a long command line argument. |
| deliver program in MMDF 2.43.3b in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow in the first argument to the command. |
| Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows remote attackers to execute arbitrary commands via a long parameter to rtable_create (procedure 21). |
| Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer. |
| The search97cgi/vtopic" in the UnixWare 7 scohelphttp webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack. |
| The scosession program in OpenServer 5.0.6 and 5.0.7 allows local users to gain privileges via crafted strings on the commandline. |
| The SCO UnixWare privileged process system allows local users to gain root privileges by using a debugger such as gdb to insert traps into _init before the privileged process is executed. |
| Multiple buffer overflows in programs used by scoadmin and sysadmsh in SCO OpenServer 5.0.6a and earlier allow local users to gain privileges via a long TERM environment variable to (1) atcronsh, (2) auditsh, (3) authsh, (4) backupsh, (5) lpsh, (6) sysadm.menu, or (7) termsh. |
| Multiple unknown vulnerabilities in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to cause a denial of service by triggering a core dump. |
| lpadmin in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow attack in the first argument to the command. |
| UnixWare pis and mkpis commands allow local users to gain privileges via a symlink attack. |