Filtered by vendor Sco
Subscribe
Total
129 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3625 | 18 Conectiva, Debian, Easy Software Products and 15 more | 33 Linux, Debian Linux, Cups and 30 more | 2025-04-03 | 10.0 HIGH | N/A |
|
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
|
|||||
| CVE-1999-0835 | 3 Ibm, Sco, Sun | 4 Aix, Openserver, Unixware and 1 more | 2025-04-03 | 10.0 HIGH | N/A |
|
Denial of service in BIND named via malformed SIG records.
|
|||||
| CVE-1999-1209 | 1 Sco | 2 Open Desktop, Openserver | 2025-04-03 | 7.2 HIGH | N/A |
|
Vulnerability in scoterm in SCO OpenServer 5.0 and SCO Open Desktop/Open Server 3.0 allows local users to gain root privileges.
|
|||||
| CVE-2005-2132 | 1 Sco | 1 Unixware | 2025-04-03 | 2.1 LOW | N/A |
|
RPC portmapper (rpcbind) in SCO UnixWare 7.1.1 m5, 7.1.3 mp5, and 7.1.4 mp2 allows remote attackers or local users to cause a denial of service (lack of response) via multiple invalid portmap requests.
|
|||||
| CVE-1999-0345 | 4 Freebsd, Ibm, Sco and 1 more | 7 Freebsd, Aix, Sng and 4 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems.
|
|||||
| CVE-2000-0351 | 1 Sco | 1 Unixware | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Some packaging commands in SCO UnixWare 7.1.0 have insecure privileges, which allows local users to add or remove software packages.
|
|||||
| CVE-2005-0993 | 1 Sco | 1 Openserver | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Buffer overflow in nwprint in SCO OpenServer 5.0.7 allows local users to execute arbitrary code via a long command line argument.
|
|||||
| CVE-1999-0851 | 3 Ibm, Sco, Sun | 4 Aix, Openserver, Unixware and 1 more | 2025-04-03 | 2.1 LOW | N/A |
|
Denial of service in BIND named via naptr.
|
|||||
| CVE-1999-0096 | 3 Bsdi, Freebsd, Sco | 4 Bsd Os, Freebsd, Internet Faststart and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Sendmail decode alias can be used to overwrite sensitive files.
|
|||||
| CVE-2004-0390 | 1 Sco | 1 Openserver | 2025-04-03 | 7.5 HIGH | N/A |
|
SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style access control when users log in using scologin, which allows remote attackers to gain unauthorized access to an X session via other X login methods.
|
|||||
| CVE-2000-0348 | 1 Sco | 1 Unixware | 2025-04-03 | 10.0 HIGH | N/A |
|
A vulnerability in the Sendmail configuration file sendmail.cf as installed in SCO UnixWare 7.1.0 and earlier allows an attacker to gain root privileges.
|
|||||
| CVE-2003-0658 | 2 Caldera, Sco | 4 Openlinux Server, Openlinux Workstation, Openserver and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules.
|
|||||
| CVE-2000-0308 | 2 Netscape, Sco | 4 Enterprise Server, Fasttrack Server, Proxy Server and 1 more | 2025-04-03 | 10.0 HIGH | N/A |
|
Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3 allow an attacker to gain root privileges.
|
|||||
| CVE-2005-3624 | 18 Conectiva, Debian, Easy Software Products and 15 more | 33 Linux, Debian Linux, Cups and 30 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
|
|||||
| CVE-2002-1199 | 3 Caldera, Sco, Sun | 4 Openlinux, Openserver, Solaris and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.
|
|||||
| CVE-2004-0081 | 23 4d, Apple, Avaya and 20 more | 66 Webstar, Mac Os X, Mac Os X Server and 63 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
|
|||||
| CVE-2005-2926 | 1 Sco | 1 Openserver | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Stack-based buffer overflow in (1) backupsh and (2) authsh in SCO Openserver 5.0.7 allows local users to execute arbitrary code via a long HOME environment variable.
|
|||||
| CVE-2004-0511 | 1 Sco | 1 Openserver | 2025-04-03 | 2.1 LOW | N/A |
|
Multiple unknown vulnerabilities in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to cause a denial of service by triggering a null dereference.
|
|||||
| CVE-1999-0153 | 2 Microsoft, Sco | 4 Windows 2000, Windows 95, Windows Nt and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke.
|
|||||
| CVE-2004-1039 | 1 Sco | 2 Openserver, Unixware | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, when run from inetd, allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests, which causes inetd to launch a separate process for each request.
|
|||||
| CVE-2006-4655 | 2 Sco, Sun | 2 Unixware, Solaris | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Buffer overflow in the Strcmp function in the XKEYBOARD extension in X Window System X11R6.4 and earlier, as used in SCO UnixWare 7.1.3 and Sun Solaris 8 through 10, allows local users to gain privileges via a long _XKB_CHARSET environment variable value.
|
|||||
| CVE-2000-0003 | 1 Sco | 1 Unixware | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in UnixWare rtpm program allows local users to gain privileges via a long environmental variable.
|
|||||
| CVE-2001-0575 | 1 Sco | 1 Openserver | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Buffer overflow in lpshut in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a long first argument to lpshut.
|
|||||
| CVE-2001-1508 | 1 Sco | 1 Openserver | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a allows local users to execute arbitrary code as group bin via a long command line argument.
|
|||||
| CVE-1999-1305 | 1 Sco | 5 Open Desktop, Open Desktop Lite, Openserver Enterprise System and 2 more | 2025-04-03 | 7.2 HIGH | N/A |
|
Vulnerability in "at" program in SCO UNIX 4.2 and earlier allows local users to gain root access.
|
|||||
| CVE-1999-0078 | 10 Bsdi, Freebsd, Hp and 7 more | 11 Bsd Os, Freebsd, Hp-ux and 8 more | 2025-04-03 | 1.9 LOW | N/A |
|
pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call.
|
|||||
| CVE-2003-0742 | 1 Sco | 1 Openserver | 2025-04-03 | 7.2 HIGH | N/A |
|
SCO Internet Manager (mana) allows local users to execute arbitrary programs by setting the REMOTE_ADDR environment variable to cause menu.mana to run as if it were called from ncsa_httpd, then modifying the PATH environment variable to point to a malicious "hostname" program.
|
|||||
| CVE-1999-0825 | 1 Sco | 1 Unixware | 2025-04-03 | 3.6 LOW | N/A |
|
The default permissions for UnixWare /var/mail allow local users to read and modify other users' mail.
|
|||||
| CVE-2003-0597 | 1 Sco | 1 Openserver | 2025-04-03 | 7.2 HIGH | N/A |
|
Unknown vulnerability in display of Merge before 5.3.23a in UnixWare 7.1.x allows local users to gain root privileges.
|
|||||
| CVE-2003-0872 | 1 Sco | 1 Openserver | 2025-04-03 | 2.1 LOW | N/A |
|
Certain scripts in OpenServer before 5.0.6 allow local users to overwrite files and conduct other unauthorized activities via a symlink attack on temporary files.
|
|||||
| CVE-2005-0134 | 1 Sco | 1 Unixware | 2025-04-03 | 4.6 MEDIUM | N/A |
|
The X server in SCO UnixWare 7.1.1, 7.1.3, and 7.1.4 does not properly create socket directories in /tmp, which could allow attackers to hijack local sockets.
|
|||||
| CVE-1999-0798 | 5 Bsdi, Freebsd, Openbsd and 2 more | 7 Bsd Os, Freebsd, Openbsd and 4 more | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.
|
|||||
| CVE-2001-1578 | 1 Sco | 1 Openserver | 2025-04-03 | 2.1 LOW | N/A |
|
Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local users to modify critical information such as certain CPU registers and segment descriptors.
|
|||||
| CVE-2000-0154 | 1 Sco | 1 Unixware | 2025-04-03 | 1.2 LOW | N/A |
|
The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack.
|
|||||
| CVE-1999-0023 | 6 Bsdi, Freebsd, Ibm and 3 more | 10 Bsd Os, Freebsd, Aix and 7 more | 2025-04-03 | 7.2 HIGH | N/A |
|
Local user gains root privileges via buffer overflow in rdist, via lookup() function.
|
|||||
| CVE-2003-0791 | 2 Mozilla, Sco | 2 Mozilla, Openserver | 2025-04-03 | 7.5 HIGH | 9.8 CRITICAL |
|
The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed.
|
|||||
| CVE-2003-0834 | 1 Sco | 2 Open Unix, Unixware | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME.
|
|||||
| CVE-2000-1014 | 1 Sco | 1 Unixware | 2025-04-03 | 7.5 HIGH | N/A |
|
Format string vulnerability in the search97.cgi CGI script in SCO help http server for Unixware 7 allows remote attackers to execute arbitrary commands via format characters in the queryText parameter.
|
|||||
| CVE-2004-0996 | 4 Cscope, Debian, Gentoo and 1 more | 4 Cscope, Debian Linux, Linux and 1 more | 2025-04-03 | 2.1 LOW | N/A |
|
main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.
|
|||||
| CVE-2004-0112 | 24 4d, Apple, Avaya and 21 more | 65 Webstar, Mac Os X, Mac Os X Server and 62 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
|
|||||