ScoCVEs & Vulnerabilities

129 CVEs affecting Sco products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

openserver 157unixware 127open desktop 29unix 25internet faststart 13openserver enterprise system 5open desktop lite 5open unix 5
CVE-2001-1578LOW

Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local users to modify critical information such as certain CPU registers and segment descriptors.

31 Dec 2001
2.1
CVSS
CVE-2001-1579MEDIUM

The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not properly terminate certain strings with a null, which allows remote attackers to cause a denial of service.

31 Dec 2001
5.0
CVSS
CVE-2001-0797CRITICALpoc

Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.

12 Dec 2001
10.0
CVSS
CVE-2001-0896MEDIUM

Inetd in OpenServer 5.0.5 allows remote attackers to cause a denial of service (crash) via a port scan, e.g. with nmap -PO.

30 Nov 2001
5.0
CVSS
CVE-2001-0587HIGH

deliver program in MMDF 2.43.3b in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow in the first argument to the command.

22 Aug 2001
7.2
CVSS
CVE-2001-0588MEDIUM

sendmail 8.9.3, as included with the MMDF 2.43.3b package in SCO OpenServer 5.0.6, can allow a local attacker to gain additional privileges via a buffer overflow in the first argument to the command.

22 Aug 2001
4.6
CVSS
CVE-2001-0627LOW

vi as included with SCO OpenServer 5.0 - 5.0.6 allows a local attacker to overwrite arbitrary files via a symlink attack.

22 Aug 2001
3.7
CVSS
CVE-2001-0575MEDIUMpoc

Buffer overflow in lpshut in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a long first argument to lpshut.

22 Aug 2001
4.6
CVSS
CVE-2001-0578MEDIUMpoc

Buffer overflow in lpforms in SCO OpenServer 5.0-5.0.6 can allow a local attacker to gain additional privileges via a long first argument to the lpforms command.

22 Aug 2001
4.6
CVSS
CVE-2001-0576MEDIUMpoc

lpusers as included with SCO OpenServer 5.0 through 5.0.6 allows a local attacker to gain additional privileges via a buffer overflow attack in the '-u' command line parameter.

22 Aug 2001
4.6
CVSS
CVE-2001-0577HIGHpoc

recon in SCO OpenServer 5.0 through 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow attack in the first command line argument.

22 Aug 2001
7.2
CVSS
CVE-2001-0579HIGHpoc

lpadmin in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow attack in the first argument to the command.

22 Aug 2001
7.5
CVSS
CVE-2001-1148MEDIUM

Multiple buffer overflows in programs used by scoadmin and sysadmsh in SCO OpenServer 5.0.6a and earlier allow local users to gain privileges via a long TERM environment variable to (1) atcronsh, (2) auditsh, (3) authsh, (4) backupsh, (5) lpsh, (6) sysadm.menu, or (7) termsh.

13 Jun 2001
4.6
CVSS
CVE-2000-0307MEDIUM

Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and earlier allows an attacker to cause a denial of service which prevents access to reserved port numbers below 1024.

12 Mar 2001
5.0
CVSS
CVE-2000-0308CRITICAL

Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3 allow an attacker to gain root privileges.

12 Mar 2001
10.0
CVSS
CVE-2000-0348CRITICAL

A vulnerability in the Sendmail configuration file sendmail.cf as installed in SCO UnixWare 7.1.0 and earlier allows an attacker to gain root privileges.

12 Mar 2001
10.0
CVSS
CVE-2000-0349MEDIUM

Vulnerability in the passthru driver in SCO UnixWare 7.1.0 allows an attacker to cause a denial of service.

12 Mar 2001
5.0
CVSS
CVE-2000-0351MEDIUM

Some packaging commands in SCO UnixWare 7.1.0 have insecure privileges, which allows local users to add or remove software packages.

12 Mar 2001
4.6
CVSS
CVE-2000-0306CRITICALpoc

Buffer overflow in calserver in SCO OpenServer allows remote attackers to gain root access via a long message.

12 Mar 2001
10.0
CVSS
CVE-2000-1014HIGHpoc

Format string vulnerability in the search97.cgi CGI script in SCO help http server for Unixware 7 allows remote attackers to execute arbitrary commands via format characters in the queryText parameter.

11 Dec 2000
7.5
CVSS
CVE-2000-0842MEDIUM

The search97cgi/vtopic" in the UnixWare 7 scohelphttp webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack.

14 Nov 2000
5.0
CVSS
CVE-1999-0979HIGHpoc

The SCO UnixWare privileged process system allows local users to gain root privileges by using a debugger such as gdb to insert traps into _init before the privileged process is executed.

11 Apr 2000
7.2
CVSS
CVE-2000-0173MEDIUM

Vulnerability in the EELS system in SCO UnixWare 7.1.x allows remote attackers to cause a denial of service.

10 Mar 2000
5.0
CVSS
CVE-1999-0693HIGHpoc

Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges.

2 Mar 2000
7.2
CVSS
CVE-2000-0158HIGH

Buffer overflow in MMDF server allows remote attackers to gain privileges via a long MAIL FROM command to the SMTP daemon.

16 Feb 2000
7.5
CVSS
CVE-2000-0154LOWpoc

The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack.

16 Feb 2000
1.2
CVSS
CVE-2000-0224LOWpoc

ARCserve agent in SCO UnixWare 7.x allows local attackers to gain root privileges via a symlink attack.

15 Feb 2000
1.2
CVSS
CVE-2000-0147LOW

snmpd in SCO OpenServer has an SNMP community string that is writable by default, which allows local attackers to modify the host's configuration.

8 Feb 2000
2.1
CVSS
CVE-2000-0215HIGH

Vulnerability in SCO cu program in UnixWare 7.x allows local users to gain privileges.

8 Feb 2000
7.2
CVSS
CVE-2000-0130HIGH

Buffer overflow in SCO scohelp program allows remote attackers to execute commands.

27 Jan 2000
7.2
CVSS
CVE-2000-0099HIGH

Buffer overflow in UnixWare ppptalk command allows local users to gain privileges via a long prompt argument.

18 Jan 2000
7.2
CVSS
CVE-2000-0003CRITICAL

Buffer overflow in UnixWare rtpm program allows local users to gain privileges via a long environmental variable.

30 Dec 1999
10.0
CVSS
CVE-2000-0029MEDIUM

UnixWare pis and mkpis commands allow local users to gain privileges via a symlink attack.

27 Dec 1999
4.6
CVSS
CVE-2000-0026CRITICALpoc

Buffer overflow in UnixWare i2odialogd daemon allows remote attackers to gain root access via a long username/password authorization string.

21 Dec 1999
10.0
CVSS
CVE-1999-0988HIGHpoc

UnixWare pkgtrans allows local users to read arbitrary files via a symlink attack.

4 Dec 1999
7.2
CVSS
CVE-1999-0825LOWpoc

The default permissions for UnixWare /var/mail allow local users to read and modify other users' mail.

3 Dec 1999
3.6
CVSS
CVE-1999-0864HIGHpoc

UnixWare programs that dump core allow a local user to modify files via a symlink attack on the ./core.pid file.

3 Dec 1999
7.2
CVSS
CVE-1999-0866HIGHpoc

Buffer overflow in UnixWare xauto program allows local users to gain root privilege.

3 Dec 1999
7.2
CVSS
CVE-1999-0828LOWpoc

UnixWare pkg commands such as pkginfo, pkgcat, and pkgparam allow local users to read arbitrary files via the dacread permission.

2 Dec 1999
3.6
CVSS
CVE-1999-0845HIGHpoc

Buffer overflow in SCO su program allows local users to gain root access via a long username.

25 Nov 1999
7.2
CVSS
CVE-1999-0835CRITICAL

Denial of service in BIND named via malformed SIG records.

10 Nov 1999
10.0
CVSS
CVE-1999-0851LOW

Denial of service in BIND named via naptr.

10 Nov 1999
2.1
CVSS
CVE-1999-1571HIGH

Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5 may allow local users to gain root privileges via a long -f parameter, a different vulnerability than CVE-1999-1570.

4 Nov 1999
7.2
CVSS
CVE-1999-0830HIGHpoc

Buffer overflow in SCO UnixWare Xsco command via a long argument.

1 Nov 1999
7.2
CVSS
CVE-1999-0893LOWpoc

userOsa in SCO OpenServer allows local users to corrupt files via a symlink attack.

11 Oct 1999
2.1
CVSS
CVE-1999-0942HIGH

UnixWare dos7utils allows a local user to gain root privileges by using the STATICMERGE environmental variable to find a script which it executes.

4 Oct 1999
7.2
CVSS
CVE-1999-0697HIGH

SCO Doctor allows local users to gain root privileges through a Tools option.

9 Sep 1999
7.2
CVSS
CVE-1999-0411HIGH

Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p, including S84rpcinit, S95nis, S85tcp, and S89nfs, are vulnerable to a symlink attack, allowing a local user to gain root access.

7 Mar 1999
7.2
CVSS
Sco CVEs & Vulnerabilities — 129 Tracked — Page 2