Unixware

The X server in SCO UnixWare 7.1.1, 7.1.3, and 7.1.4 does not properly create socket directories in /tmp, which could allow attackers to hijack local sockets.

Published: 2005-05-18T04:00:00.000Z
Updated: 2024-08-07T21:05:23.986Z

Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the chroot jail and conduct unauthorized activities.

Published: 2005-01-29T05:00:00.000Z
Updated: 2024-08-08T00:39:00.939Z

The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, when run from inetd, allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests, which causes inetd to launch a separate process for each request.

Published: 2005-01-19T05:00:00.000Z
Updated: 2024-08-08T00:39:00.543Z

main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.

Published: 2004-12-01T05:00:00.000Z
Updated: 2024-08-08T00:39:00.654Z

SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to bypass protections for the "as" address space file for a process ID (PID) by obtaining a procfs file descriptor for the file and calling execve() on a setuid or setgid program, which leaves the descriptor open to the user.

Published: 2003-11-18T05:00:00.000Z
Updated: 2024-08-08T02:12:35.455Z

ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.

Published: 2003-12-02T05:00:00.000Z
Updated: 2024-08-08T02:12:34.426Z

Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME.

Published: 2003-11-06T05:00:00.000Z
Updated: 2024-08-08T02:05:12.580Z

Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows remote attackers to execute arbitrary commands via a long parameter to rtable_create (procedure 21).

Published: 2005-07-14T04:00:00.000Z
Updated: 2024-09-17T00:46:05.304Z

ARCserve agent in SCO UnixWare 7.x allows local attackers to gain root privileges via a symlink attack.

Published: 2000-04-10T04:00:00.000Z
Updated: 2024-08-08T05:05:54.219Z

Vulnerability in SCO cu program in UnixWare 7.x allows local users to gain privileges.

Published: 2000-04-10T04:00:00.000Z
Updated: 2024-08-08T05:05:54.168Z

Vulnerability in the EELS system in SCO UnixWare 7.1.x allows remote attackers to cause a denial of service.

Published: 2000-03-22T05:00:00.000Z
Updated: 2024-08-08T05:05:53.928Z

The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack.

Published: 2000-02-23T05:00:00.000Z
Updated: 2024-08-08T05:05:53.998Z

UnixWare pkgtrans allows local users to read arbitrary files via a symlink attack.

Published: 2000-02-04T05:00:00.000Z
Updated: 2024-08-01T16:55:29.416Z

The SCO UnixWare privileged process system allows local users to gain root privileges by using a debugger such as gdb to insert traps into _init before the privileged process is executed.

Published: 2000-01-04T05:00:00.000Z
Updated: 2024-08-01T16:55:29.347Z

Buffer overflow in UnixWare xauto program allows local users to gain root privilege.

Published: 2000-06-02T04:00:00.000Z
Updated: 2024-08-01T16:55:28.964Z

UnixWare programs that dump core allow a local user to modify files via a symlink attack on the ./core.pid file.

Published: 2000-06-02T04:00:00.000Z
Updated: 2024-08-01T16:55:27.897Z

UnixWare uidadmin allows local users to modify arbitrary files via a symlink attack.

Published: 2000-06-02T04:00:00.000Z
Updated: 2024-08-01T16:48:38.069Z