GCVE - cpe:2.3:o:sco:openserver:5.0.5:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:sco:openserver:5.0.5:*:*:*:*:*:*:*

part: o version: 5.0.5 update: *

Vendor	Sco (`8a7b4ff4-f0ef-5eb2-a676-8694bf3a5407`)
Product	Openserver (`c0d07576-c403-5ab0-85f1-50d7038f9946`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2006-0072`	vulnerable	2026-06-03 14:27:15.137536	Details available Buffer overflow in termsh on SCO OpenServer 5.0.7 allows remote attackers to execute arbitrary code via a long -o command line argument. NOTE: this is probably a different vulnerability than CVE-2005-0351 since it involves a distinct attack vector. Published: 2006-01-04T00:00:00.000Z Updated: 2024-08-07T16:18:20.750Z Open on db.gcve.eu Reference links http://downloads.securityfocus.com/vulnerabilities/exploits/Openserver_bof.c http://www.securityfocus.com/bid/16122 http://www.securityfocus.com/archive/1/420677	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-0390`	vulnerable	2026-06-03 14:26:35.379288	Details available SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style access control when users log in using scologin, which allows remote attackers to gain unauthorized access to an X session via other X login methods. Published: 2005-04-14T04:00:00.000Z Updated: 2024-08-08T00:17:14.508Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/16113 http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0424.html http://www.securityfocus.com/advisories/6684	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2003-1021`	not_vulnerable	2026-06-03 14:26:27.161005	Details available The scosession program in OpenServer 5.0.6 and 5.0.7 allows local users to gain privileges via crafted strings on the commandline. Published: 2005-02-06T05:00:00.000Z Updated: 2024-08-08T02:12:35.485Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/12372 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.5/SCOSA-2005.5.txt http://www.kb.cert.org/vuls/id/972598 http://secunia.com/advisories/14012/ https://exchange.xforce.ibmcloud.com/vulnerabilities/19479	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2003-0872`	vulnerable	2026-06-03 14:26:26.788745	Details available Certain scripts in OpenServer before 5.0.6 allow local users to overwrite files and conduct other unauthorized activities via a symlink attack on temporary files. Published: 2003-10-25T04:00:00.000Z Updated: 2024-08-08T02:05:12.642Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/8864 ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.27/CSSA-2003-SCO.27.txt	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2003-0742`	vulnerable	2026-06-03 14:26:26.407297	Details available SCO Internet Manager (mana) allows local users to execute arbitrary programs by setting the REMOTE_ADDR environment variable to cause menu.mana to run as if it were called from ncsa_httpd, then modifying the PATH environment variable to point to a malicious "hostname" program. Published: 2003-09-19T04:00:00.000Z Updated: 2024-08-08T02:05:12.358Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2003-0742	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-1199`	vulnerable	2026-06-03 14:26:16.095372	Details available The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments. Published: 2004-09-01T04:00:00.000Z Updated: 2024-08-08T03:19:27.865Z Open on db.gcve.eu Reference links http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/47903 http://marc.info/?l=bugtraq&m=103426842025029&w=2 ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.40 http://www.iss.net/security_center/static/10329.php http://www.kb.cert.org/vuls/id/538033	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-0716`	vulnerable	2026-06-03 14:26:14.935539	Details available Format string vulnerability in crontab for SCO OpenServer 5.0.5 and 5.0.6 allows local users to gain privileges via format string specifiers in the file name argument. Published: 2003-04-02T05:00:00.000Z Updated: 2024-08-08T02:56:38.763Z Open on db.gcve.eu Reference links http://www.iss.net/security_center/static/9271.php http://marc.info/?l=vuln-dev&m=102323386107641&w=2 http://www.securityfocus.com/bid/4938 http://marc.info/?l=bugtraq&m=102323070305101&w=2	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2001-1508`	vulnerable	2026-06-03 14:26:12.828898	Details available Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a allows local users to execute arbitrary code as group bin via a long command line argument. Published: 2005-07-14T04:00:00.000Z Updated: 2024-08-08T04:58:11.645Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/2597 ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.38/CSSA-2001-SCO.38.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/6413	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2001-0896`	vulnerable	2026-06-03 14:26:02.455390	Details available Inetd in OpenServer 5.0.5 allows remote attackers to cause a denial of service (crash) via a port scan, e.g. with nmap -PO. Published: 2002-06-25T04:00:00.000Z Updated: 2024-08-08T04:37:07.001Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/7571 http://marc.info/?l=bugtraq&m=101284101228656&w=2 http://marc.info/?l=bugtraq&m=101303877215098&w=2 ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.33/CSSA-2001-SCO.33.txt	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2001-0797`	vulnerable	2026-06-03 14:26:02.263825	Details available Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin. Published: 2002-06-25T04:00:00.000Z Updated: 2024-08-08T04:30:06.151Z Open on db.gcve.eu Reference links https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2025 http://www.cert.org/advisories/CA-2001-34.html https://exchange.xforce.ibmcloud.com/vulnerabilities/7284 http://www-1.ibm.com/support/search.wss?rs=0&q=IY26221&apar=only http://marc.info/?l=bugtraq&m=100844757228307&w=2	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2001-0627`	vulnerable	2026-06-03 14:26:01.981415	Details available vi as included with SCO OpenServer 5.0 - 5.0.6 allows a local attacker to overwrite arbitrary files via a symlink attack. Published: 2002-03-09T05:00:00.000Z Updated: 2024-08-08T04:30:05.944Z Open on db.gcve.eu Reference links http://www.kb.cert.org/vuls/id/747736 http://www.securityfocus.com/bid/2752 http://archives.neohapsis.com/archives/bugtraq/2001-05/0220.html https://exchange.xforce.ibmcloud.com/vulnerabilities/6588 ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.17/CSSA-2001-SCO.17.txt	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-0158`	vulnerable	2026-06-03 14:25:42.728665	Details available Buffer overflow in MMDF server allows remote attackers to gain privileges via a long MAIL FROM command to the SMTP daemon. Published: 2000-02-23T05:00:00.000Z Updated: 2024-08-08T05:05:54.006Z Open on db.gcve.eu Reference links http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-02-15&msg=000001bf78af%246d0d47a0%244d2f45a1%40jmagdych.na.nai.com http://www.securityfocus.com/bid/997 http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-02-15&msg=200002181449.JAA03436%40dragonfly.corp.home.net ftp://ftp.sco.com/SSE/security_bulletins/SB-00.06a	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-0147`	vulnerable	2026-06-03 14:25:42.716326	Details available snmpd in SCO OpenServer has an SNMP community string that is writable by default, which allows local attackers to modify the host's configuration. Published: 2000-02-16T05:00:00.000Z Updated: 2024-08-08T05:05:53.963Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/973 http://archives.neohapsis.com/archives/bugtraq/2000-02/0045.html ftp://ftp.sco.com/SSE/security_bulletins/SB-00.04a	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-1999-1571`	vulnerable	2026-06-03 14:25:42.478370	Details available Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5 may allow local users to gain root privileges via a long -f parameter, a different vulnerability than CVE-1999-1570. Published: 2002-10-15T04:00:00.000Z Updated: 2024-08-01T17:18:07.577Z Open on db.gcve.eu Reference links http://marc.info/?l=bugtraq&m=94053017801639&w=2 http://online.securityfocus.com/archive/1/27074 http://marc.info/?l=bugtraq&m=94183363719024&w=2 ftp://stage.caldera.com/pub/security/sse/sse037c/sse037c.ltr http://www.iss.net/security_center/static/8989.php	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-1999-0697`	vulnerable	2026-06-03 14:25:41.477031	Details available SCO Doctor allows local users to gain root privileges through a Tools option. Published: 2000-10-13T04:00:00.000Z Updated: 2024-08-01T16:48:37.340Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/621	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-1999-0368`	vulnerable	2026-06-03 14:25:41.242325	Details available Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto. Published: 1999-09-29T04:00:00.000Z Updated: 2024-08-01T16:34:51.941Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0368	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.