MidnightBSD

Advisories for sco

CVE-1999-0004 MEDIUM

MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
university_of_washington pine 4.02
hp dtmail *
sco unixware 7.0
CVE-1999-0009 HIGH

Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 5.0.1
sco open_desktop 3.0
sgi irix 4.0.5_iop
data_general dg_ux 5.4_4.1
ibm aix 4.2
sgi irix 5.1.1
sgi irix 4.0.5f
sun sunos 5.4
sgi irix 4.0.4
sgi irix 4.0.4t
sgi irix 6.2
sgi irix 4.0.2
sgi irix 4.0.1t
sun solaris 2.5
sgi irix 4.0.5_ipr
sco open_desktop 5.0
redhat linux 4.2
sgi irix 4.0.3
sgi irix 6.3
sun sunos 5.5.1
sun sunos 5.3
bsdi bsd_os 2.0.1
sgi irix 4.0.5e
caldera openlinux 1.0
ibm aix 4.2.1
sgi irix 3.3.3
sgi irix 6.0
sgi irix 4.0.5g
netbsd netbsd 1.2.1
ibm aix 4.1.2
netbsd netbsd 1.0
sgi irix 3.2
sgi irix 4.0.5h
redhat linux 4.1
sco unixware 2.1
ibm aix 4.1.5
sco unixware 7.0
nec asl_ux_4800 64
sgi irix 4.0.5
sgi irix 5.2
netbsd netbsd 1.2
ibm aix 4.1
isc bind 8.1
ibm aix 4.1.1
sun sunos 5.5
sgi irix 5.0
sun sunos -
bsdi bsd_os 2.0
sgi irix 3.3.1
sgi irix 4.0.5d
netbsd netbsd 1.1
sgi irix 4.0.4b
sgi irix 4.0
ibm aix 4.1.4
sgi irix 6.1
ibm aix 4.3
isc bind 4.9.6
sgi irix 5.3
redhat linux 4.0
sun solaris 2.6
sgi irix 3.3.2
data_general dg_ux 5.4_3.0
netbsd netbsd 1.3
ibm aix 4.1.3
sun solaris 2.5.1
isc bind 8.1.1
sgi irix 5.1
bsdi bsd_os 2.1
sgi irix 3.3
data_general dg_ux 5.4_4.11
netbsd netbsd 1.3.1
sgi irix 4.0.1
sgi irix 4.0.5a
redhat linux 5.0
data_general dg_ux 5.4_3.1
CVE-1999-0010 MEDIUM

Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
nec asl_ux_4800 11
sco open_desktop 3.0
ibm aix 4.1
sun sunos 5.5
ibm aix 4.2
sun sunos 5.4
data_general dg_ux y2k_patchr4.20mu03
isc bind 8
nec asl_ux_4800 13
isc bind 4.9
redhat linux 4.2
sun sunos 5.5.1
ibm aix 4.3
sun sunos 5.3
data_general dg_ux y2k_patchr4.11mu05
data_general dg_ux y2k_patchr4.20mu01
sco openserver 5.0
data_general dg_ux y2k_patchr4.20mu02
netbsd netbsd 1.3
sun sunos 5.6
sco unix 3.2v4
sco unixware 2.1
netbsd netbsd 1.3.1
redhat linux 5.0
sco unixware 7.0
data_general dg_ux y2k_patchr4.12mu03
CVE-1999-0011 HIGH

Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,CWE-1067,

Products Affected

Vendor Product Version
nec asl_ux_4800 11
sco open_desktop 3.0
ibm aix 4.1
sun sunos 5.5
ibm aix 4.2
sun sunos 5.4
data_general dg_ux y2k_patchr4.20mu03
isc bind 8
nec asl_ux_4800 13
isc bind 4.9
redhat linux 4.2
sun sunos 5.5.1
ibm aix 4.3
sun sunos 5.3
data_general dg_ux y2k_patchr4.11mu05
data_general dg_ux y2k_patchr4.20mu01
sco openserver 5.0
data_general dg_ux y2k_patchr4.20mu02
netbsd netbsd 1.3
sun sunos 5.6
sco unix 3.2v4
sco unixware 2.1
netbsd netbsd 1.3.1
redhat linux 5.0
sco unixware 7.0
data_general dg_ux y2k_patchr4.12mu03
CVE-1999-0017 HIGH

FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
freebsd freebsd 2.0
siemens reliant_unix *
netbsd netbsd 1.2
sco open_desktop 3.0
ibm aix 4.1
sun sunos 5.5
ibm aix 4.2
sun sunos 5.4
sco openserver 5.0.4
freebsd freebsd 2.1.7
netbsd netbsd 1.1
freebsd freebsd 1.0
caldera openlinux 1.2
sun sunos 4.1.4
sun sunos 5.5.1
gnu inet 6.01
ibm aix 4.3
sun sunos 5.3
freebsd freebsd 2.1.0
washington_university wu-ftpd 2.4
gnu inet 6.02
netbsd netbsd 1.2.1
freebsd freebsd 1.1
gnu inet 5.01
netbsd netbsd 1.0
sun sunos 4.1.3u1
freebsd freebsd 1.2
sco unixware 2.1
ibm aix 3.2
CVE-1999-0019 MEDIUM

Delete or create a file via rpc.statd, due to invalid information.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.1
sun sunos 5.3
ibm aix 4.1
data_general dg_ux 4.11
sun sunos 5.5
sco open_desktop 3
sco openserver 5.0
sco unixware 2
sun sunos 5.4
nighthawk powerux *
sco openserver 3.0
nighthawk cx_ux *
ncr mp-ras 2.03
ncr mp-ras 3.0
sun sunos 4.1.4
ibm aix 3.2
sun sunos 4.1.3
sco open_desktop 2
CVE-1999-0023 HIGH

Local user gains root privileges via buffer overflow in rdist, via lookup() function.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
freebsd freebsd 2.0
sco openserver 5.0.2
sco open_desktop 3.0
ibm aix 4.1
sun sunos 5.5
sco internet_faststart 1.0
ibm aix 4.2
sun sunos 5.4
sun sunos -
sco openserver 2.0
sco tcp_ip 1.2.0
inet inet 6.01
sco tcp_ip 1.2.1
sco open_desktop 2.0
sun sunos 4.1.4
sco unixware 2.0
sun sunos 5.5.1
sun sunos 4.1.3
sun sunos 5.3
freebsd freebsd 2.1.0
freebsd freebsd 2.0.5
bsdi bsd_os *
inet inet 5.01
sco openserver 5.0
freebsd freebsd 2.2
sun sunos 4.1.3u1
sco unixware 2.1
ibm aix 3.2
CVE-1999-0024 MEDIUM

DNS cache poisoning via BIND, by predictable query IDs.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sun sunos 5.3
nec asl_ux_4800 64
sco open_desktop 3.0
ibm aix 4.1
isc bind 8.1
sun solaris 2.4
sun sunos 5.5
nec ews-ux_v 4.2
sco openserver 5.0
sun solaris 2.6
isc bind 4.9.5
ibm aix 4.2
nec up-ux_v 4.2mp
sun sunos 5.4
sun sunos -
sun solaris 2.5.1
nec ews-ux_v 4.2mp
bsdi bsd_os 2.1
sun solaris 2.5
sco unix 3.2v4
sco unixware 2.1
sun sunos 5.5.1
bsdi bsd_os 3.0
CVE-1999-0033 HIGH

Command execution in Sun systems via buffer overflow in the at program.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sun sunos 5.3
sco open_desktop 3.0
sun sunos 5.5
sco openserver 5.0
sun sunos 5.4
sco openserver 3.0
sgi irix *
ncr mp-ras 3.0
sco unixware 3.2v4
sco unixware 2.1
sun sunos 5.5.1
ibm aix *
CVE-1999-0078 LOW

pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
freebsd freebsd 6.2
sgi irix 5.3
ibm aix 4.1
bsdi bsd_os *
sun sunos 5.5
hp hp-ux *
ibm aix 4.2
sun sunos 5.4
nec up-ux_v *
sun sunos 4.1
ncr mp-ras 2.03
ncr mp-ras 3.0
next nextstep *
sco openserver 5
ncr mp-ras 3.01
sco unixware 2.1
ibm aix 3.2
CVE-1999-0096 MEDIUM

Sendmail decode alias can be used to overwrite sensitive files.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver 5.0.2
freebsd freebsd 2.1.6.1
freebsd freebsd 2.1.5
sco internet_faststart 1.1
bsdi bsd_os *
sco openserver 5.0
sco internet_faststart 1.0
freebsd freebsd 2.1.6
CVE-1999-0128 MEDIUM

Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver 5.0.2
sco open_desktop 3.0
ibm aix 4.1
sco internet_faststart 1.1
ibm sng *
sun sunos 5.5
sco openserver 5.0
sco internet_faststart 1.0
ibm aix 4.2
sun sunos 5.4
ibm sng 2.1
ibm sng 2.2
digital osf_1 1.3.3
sco tcp_ip 1.2.1
linux linux_kernel 2.0
ibm aix 3.2
sun sunos 5.5.1
linux linux_kernel 1.3.0
CVE-1999-0129 MEDIUM

Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hp hp-ux 10.10
hp hp-ux 10.01
sco openserver 5.0.2
ibm aix 4.1
sco internet_faststart 1.1
sun solaris 2.4
sun sunos 5.5
eric_allman sendmail 8.8
sco internet_faststart 1.0
ibm aix 4.2
sun sunos 5.4
freebsd freebsd 2.1.5
eric_allman sendmail 8.8.1
sun solaris 2.5
hp hp-ux 10.00
freebsd freebsd 2.1.6
sun sunos 4.1.4
sun sunos 5.5.1
sun sunos 5.3
freebsd freebsd 2.1.6.1
sco openserver 5.0
hp hp-ux 10.20
eric_allman sendmail 8.8.3
sun solaris 2.5.1
bsdi bsd_os 2.1
eric_allman sendmail 8.8.2
sun sunos 4.1.3u1
hp hp-ux 10.16
ibm aix 3.2
CVE-1999-0131 HIGH

Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hp hp-ux 10.10
hp hp-ux 10.01
sco openserver 5.0.2
eric_allman sendmail 8.7.2
ibm aix 4.1
redhat linux 3.0.3
eric_allman sendmail 8.7.5
sco openserver 5.0
sco internet_faststart 1.0
ibm aix 4.2
eric_allman sendmail 8.6
hp hp-ux 10.20
eric_allman sendmail 8.7.1
eric_allman sendmail 8.7.3
bsdi bsd_os 2.1
freebsd freebsd 2.1.5
eric_allman sendmail 8.7.4
digital osf_1 1.3.2
ibm aix 3.2
CVE-1999-0153 MEDIUM

Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
microsoft windows_95 *
sco openserver 5.0
microsoft windows_2000 *
microsoft windows_nt *
CVE-1999-0345 MEDIUM

Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
freebsd freebsd 2.0
ibm aix 4.1
sco internet_faststart 1.1
freebsd freebsd 2.0.5
sco open_desktop 3
sco internet_faststart 1.0
ibm aix 4.2
sun sunos *
ibm sng 2.1
ibm sng 2.2
freebsd freebsd 1.1
sco openserver 5
freebsd freebsd 1.0
freebsd freebsd 1.1.5.1
freebsd freebsd 1.2
ibm aix 3.2
CVE-1999-0368 HIGH

Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver 5.0.2
washington_university wu-ftpd 2.4.2_beta18_vr9
sco openserver 5.0.3
sco openserver 5.0
washington_university wu-ftpd 2.4.2_beta18
proftpd_project proftpd 1.2_pre1
redhat linux 5.1
sco openserver 5.0.5
sco openserver 5.0.4
caldera openlinux 1.3
slackware slackware_linux 3.4
sco unixware 7.0.1
debian debian_linux 2.0
slackware slackware_linux 3.5
redhat linux 5.0
sco unixware 7.0
slackware slackware_linux 3.6
CVE-1999-0411 HIGH

Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p, including S84rpcinit, S95nis, S85tcp, and S89nfs, are vulnerable to a symlink attack, allowing a local user to gain root access.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver 5
sco openserver 3.0
CVE-1999-0476 HIGH

A weak encryption algorithm is used for passwords in SCO TermVision, allowing them to be easily decrypted by a local user.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver *
CVE-1999-0524 LOW

ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,NVD-CWE-noinfo,CWE-200,

Products Affected

Vendor Product Version
microsoft windows -
cisco ios -
sco sco_unix -
ibm os2 -
apple macos -
sgi irix -
ibm aix -
oracle solaris -
apple mac_os_x -
linux linux_kernel -
novell netware -
hp tru64 -
windriver bsdos -
hp hp-ux -
CVE-1999-0693 HIGH

Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hp hp-ux 10
hp hp-ux 11
sco unixware 7
ibm aix 4
CVE-1999-0697 HIGH

SCO Doctor allows local users to gain root privileges through a Tools option.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver 5.0.5
sco openserver 5.0.4
CVE-1999-0798 HIGH

Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
freebsd freebsd 6.2
sco internet_faststart *
sco unixware 7.0.1
redhat linux *
openbsd openbsd 2.4
bsdi bsd_os *
sco openserver *
openbsd openbsd 2.3
sco unixware 7.0
CVE-1999-0825 LOW

The default permissions for UnixWare /var/mail allow local users to read and modify other users' mail.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware 7.0.1
sco unixware 7.1
sco unixware 7.0
CVE-1999-0828 LOW

UnixWare pkg commands such as pkginfo, pkgcat, and pkgparam allow local users to read arbitrary files via the dacread permission.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware 7.1
sco unixware 7.0
CVE-1999-0830 HIGH

Buffer overflow in SCO UnixWare Xsco command via a long argument.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware 7.0
CVE-1999-0835 HIGH

Denial of service in BIND named via malformed SIG records.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ibm aix 4.3
sun sunos 5.7
sco openserver 5
sco unixware 2
sco unixware 7
CVE-1999-0836 HIGH

UnixWare uidadmin allows local users to modify arbitrary files via a symlink attack.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware 7.0.1
sco unixware 7.1
sco unixware 7.1.1
sco unixware 7.0
CVE-1999-0845 HIGH

Buffer overflow in SCO su program allows local users to gain root access via a long username.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware 7.0
CVE-1999-0851 LOW

Denial of service in BIND named via naptr.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ibm aix 4.3
sun sunos 5.7
sco openserver 5
sco unixware 2
sco unixware 7
CVE-1999-0864 HIGH

UnixWare programs that dump core allow a local user to modify files via a symlink attack on the ./core.pid file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware 7.0.1
sco unixware 7.1
sco unixware 7.1.1
sco unixware 7.0
CVE-1999-0866 HIGH

Buffer overflow in UnixWare xauto program allows local users to gain root privilege.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware 7.0.1
sco unixware 7.1
sco unixware 7.1.1
sco unixware 7.0
CVE-1999-0893 LOW

userOsa in SCO OpenServer allows local users to corrupt files via a symlink attack.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver 5.0
CVE-1999-0942 HIGH

UnixWare dos7utils allows a local user to gain root privileges by using the STATICMERGE environmental variable to find a script which it executes.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware 7.1
CVE-1999-0979 HIGH

The SCO UnixWare privileged process system allows local users to gain root privileges by using a debugger such as gdb to insert traps into _init before the privileged process is executed.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware 7.0.1
sco unixware 7.1
sco unixware 7.1.1
sco unixware 7.0
CVE-1999-0988 HIGH

UnixWare pkgtrans allows local users to read arbitrary files via a symlink attack.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware 7.0.1
sco unixware 7.1
sco unixware 7.1.16
sco unixware 2.0
sco unixware 2.1
sco unixware 7.1.1
sco unixware 2.0.3
sco unixware 7.0
CVE-1999-1041 HIGH

Buffer overflow in mscreen on SCO OpenServer 5.0 and SCO UNIX 3.2v4 allows a local user to gain root access via (1) a long TERM environmental variable and (2) a long entry in the .mscreenrc file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver 5.0
sco unix 3.2v4
CVE-1999-1138 HIGH

SCO UNIX System V/386 Release 3.2, and other SCO products, installs the home directories (1) /tmp for the dos user, and (2) /usr/tmp for the asg user, which allows other users to gain access to those accounts since /tmp and /usr/tmp are world-writable.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unix system_v386_3.2_operating_system_2.0
sco open_desktop 1.0
sco open_desktop 3.0
sco unix system_v386_3.2_operating_system_4.0
sco unix system_v386_3.2_operating_system
sco open_desktop_lite 3.0
sco open_desktop 2.0
sco unix system_v386_3.2_operating_system_4.x
sco openserver 3.0
CVE-1999-1162 MEDIUM

Vulnerability in passwd in SCO UNIX 4.0 and earlier allows attackers to cause a denial of service by preventing users from being able to log into the system.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unix *
sco open_desktop 1.1
sco open_desktop 2.0
CVE-1999-1185 HIGH

Buffer overflow in SCO mscreen allows local users to gain root privileges via a long terminal entry (TERM) in the .mscreenrc file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco cmw 3.0
sco openserver_enterprise_system 5.0.4p
sco internet_faststart all_versions
sco open_desktop 3.0
sco openserver 5.0
sco openserver 3.0
CVE-1999-1209 HIGH

Vulnerability in scoterm in SCO OpenServer 5.0 and SCO Open Desktop/Open Server 3.0 allows local users to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco open_desktop 3.0
sco openserver 5.0
sco openserver 3.0
CVE-1999-1252 HIGH

Vulnerability in a certain system call in SCO UnixWare 2.0.x and 2.1.0 allows local users to access arbitrary files and gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware 2.0.x
sco unixware 2.1.0
CVE-1999-1253 HIGH

Vulnerability in a kernel error handling routine in SCO OpenServer 5.0.2 and earlier, and SCO Internet FastStart 1.0, allows local users to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver 5.0
sco internet_faststart 1.0
sco openserver *
CVE-1999-1302 HIGH

Unspecified vulnerability in pt_chmod in SCO UNIX 4.2 and earlier allows local users to gain root access.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
sco openserver_enterprise_system 3.0
sco unix 3.2
sco open_desktop 3.0
sco open_desktop_lite 3.0
sco unix 4.0
sco unix *
sco openserver_network_system 3.0
sco open_desktop 2.0
sco unix 4.1
CVE-1999-1303 HIGH

Vulnerability in prwarn in SCO UNIX 4.2 and earlier allows local users to gain root access.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver_enterprise_system 3.0
sco unix 3.2
sco open_desktop 3.0
sco open_desktop_lite 3.0
sco unix 4.0
sco unix *
sco openserver_network_system 3.0
sco open_desktop 2.0
sco unix 4.1
CVE-1999-1304 HIGH

Vulnerability in login in SCO UNIX 4.2 and earlier allows local users to gain root access.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver_enterprise_system 3.0
sco unix 3.2
sco open_desktop 3.0
sco open_desktop_lite 3.0
sco unix 4.0
sco unix *
sco openserver_network_system 3.0
sco open_desktop 2.0
sco unix 4.1
CVE-1999-1305 HIGH

Vulnerability in "at" program in SCO UNIX 4.2 and earlier allows local users to gain root access.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver_enterprise_system 3.0
sco unix 3.2
sco open_desktop 3.0
sco open_desktop_lite 3.0
sco unix 4.0
sco unix *
sco openserver_network_system 3.0
sco open_desktop 2.0
sco unix 4.1
CVE-1999-1450 HIGH

Vulnerability in (1) rlogin daemon rshd and (2) scheme on SCO UNIX OpenServer 5.0.5 and earlier, and SCO UnixWare 7.0.1 and earlier, allows remote attackers to gain privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware *
sco openserver 5.0.4
sco openserver 5.0.2
sco openserver 5.0
sco openserver *
CVE-1999-1571 HIGH

Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5 may allow local users to gain root privileges via a long -f parameter, a different vulnerability than CVE-1999-1570.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver 5.0.5
sco openserver 5.0.0
CVE-2000-0003 HIGH

Buffer overflow in UnixWare rtpm program allows local users to gain privileges via a long environmental variable.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware *
CVE-2000-0026 HIGH

Buffer overflow in UnixWare i2odialogd daemon allows remote attackers to gain root access via a long username/password authorization string.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware 7.1
windowmaker wmmon 1.0b2
CVE-2000-0029 MEDIUM

UnixWare pis and mkpis commands allow local users to gain privileges via a symlink attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware 7.1
CVE-2000-0099 HIGH

Buffer overflow in UnixWare ppptalk command allows local users to gain privileges via a long prompt argument.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware 7.0.1
sco unixware 7.1.0
sco unixware 7.0.0
CVE-2000-0130 HIGH

Buffer overflow in SCO scohelp program allows remote attackers to execute commands.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware 7.0.1
sco unixware 7.1
sco unixware 7.0
CVE-2000-0147 LOW

snmpd in SCO OpenServer has an SNMP community string that is writable by default, which allows local attackers to modify the host's configuration.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver 5.0.5
CVE-2000-0154 LOW

The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware 7.1
sco unixware 7.1.1
CVE-2000-0158 HIGH

Buffer overflow in MMDF server allows remote attackers to gain privileges via a long MAIL FROM command to the SMTP daemon.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver 5.0.5
sco openserver 5.0.4
sco openserver 5.0.2
sco openserver 5.0
CVE-2000-0173 MEDIUM

Vulnerability in the EELS system in SCO UnixWare 7.1.x allows remote attackers to cause a denial of service.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware 7.1
sco unixware 7.1.1
CVE-2000-0215 HIGH

Vulnerability in SCO cu program in UnixWare 7.x allows local users to gain privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware 7.0.1
sco unixware 7.1
sco unixware 7.1.1
sco unixware 7.0
CVE-2000-0224 LOW

ARCserve agent in SCO UnixWare 7.x allows local attackers to gain root privileges via a symlink attack.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware 7.1
sco unixware 7.1.1
CVE-2000-0306 HIGH

Buffer overflow in calserver in SCO OpenServer allows remote attackers to gain root access via a long message.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver *
CVE-2000-0307 MEDIUM

Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and earlier allows an attacker to cause a denial of service which prevents access to reserved port numbers below 1024.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware *
sco open_desktop *
sco openserver *
CVE-2000-0308 HIGH

Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3 allow an attacker to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware *
netscape enterprise_server 2.0
netscape fasttrack_server 2.01
netscape fasttrack_server 2.0
netscape proxy_server 2.5
sco unixware 7.0
CVE-2000-0348 HIGH

A vulnerability in the Sendmail configuration file sendmail.cf as installed in SCO UnixWare 7.1.0 and earlier allows an attacker to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware *
CVE-2000-0349 MEDIUM

Vulnerability in the passthru driver in SCO UnixWare 7.1.0 allows an attacker to cause a denial of service.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware *
CVE-2000-0351 MEDIUM

Some packaging commands in SCO UnixWare 7.1.0 have insecure privileges, which allows local users to add or remove software packages.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware *
CVE-2000-0842 MEDIUM

The search97cgi/vtopic" in the UnixWare 7 scohelphttp webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware 7.0
CVE-2000-1014 HIGH

Format string vulnerability in the search97.cgi CGI script in SCO help http server for Unixware 7 allows remote attackers to execute arbitrary commands via format characters in the queryText parameter.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware 7.0
CVE-2001-0575 MEDIUM

Buffer overflow in lpshut in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a long first argument to lpshut.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver 5.0.6
CVE-2001-0576 MEDIUM

lpusers as included with SCO OpenServer 5.0 through 5.0.6 allows a local attacker to gain additional privileges via a buffer overflow attack in the '-u' command line parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
sco openserver *
CVE-2001-0577 HIGH

recon in SCO OpenServer 5.0 through 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow attack in the first command line argument.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver *
CVE-2001-0578 MEDIUM

Buffer overflow in lpforms in SCO OpenServer 5.0-5.0.6 can allow a local attacker to gain additional privileges via a long first argument to the lpforms command.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver *
CVE-2001-0579 HIGH

lpadmin in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow attack in the first argument to the command.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver *
CVE-2001-0587 HIGH

deliver program in MMDF 2.43.3b in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow in the first argument to the command.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver 5.0.6
CVE-2001-0588 MEDIUM

sendmail 8.9.3, as included with the MMDF 2.43.3b package in SCO OpenServer 5.0.6, can allow a local attacker to gain additional privileges via a buffer overflow in the first argument to the command.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver 5.0.6
CVE-2001-0627 LOW

vi as included with SCO OpenServer 5.0 - 5.0.6 allows a local attacker to overwrite arbitrary files via a symlink attack.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver 5.0.5
sco openserver 5.0.4
sco openserver 5.0.2
sco openserver 5.0.6
sco openserver 5.0.3
sco openserver 5.0
sco openserver 5.0.1
CVE-2001-0797 HIGH

Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hp hp-ux 10.24
hp hp-ux 10.10
hp hp-ux 10.01
sco openserver 5.0.2
ibm aix 4.3.3
sco openserver 5.0.3
sun solaris 2.4
sun sunos 5.5
hp hp-ux 11.0.4
sun sunos 5.4
sun sunos 5.8
sun sunos -
hp hp-ux 11.11
sco openserver 5.0.5
sco openserver 5.0.4
sun sunos 5.7
sun solaris 2.5
sgi irix 3.3.1
hp hp-ux 10.00
sun sunos 5.5.1
ibm aix 4.3
sun sunos 5.3
ibm aix 5.1
sun sunos 5.2
sco openserver 5.0.6a
sgi irix 3.3.3
sco openserver 5.0
sun solaris 2.6
sgi irix 3.3.2
hp hp-ux 10.20
sun solaris 8.0
sco openserver 5.0.1
sun solaris 2.5.1
sun sunos 5.0
ibm aix 4.3.1
hp hp-ux 11.00
sun sunos 5.1
sco openserver 5.0.6
sgi irix 3.2
sgi irix 3.3
sun solaris 7.0
ibm aix 4.3.2
CVE-2001-0896 MEDIUM

Inetd in OpenServer 5.0.5 allows remote attackers to cause a denial of service (crash) via a port scan, e.g. with nmap -PO.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver 5.0.5
CVE-2001-1148 MEDIUM

Multiple buffer overflows in programs used by scoadmin and sysadmsh in SCO OpenServer 5.0.6a and earlier allow local users to gain privileges via a long TERM environment variable to (1) atcronsh, (2) auditsh, (3) authsh, (4) backupsh, (5) lpsh, (6) sysadm.menu, or (7) termsh.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver *
CVE-2001-1508 MEDIUM

Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a allows local users to execute arbitrary code as group bin via a long command line argument.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver 5.0.5
sco openserver 5.0.4
sco openserver 5.0.2
sco openserver 5.0.6a
sco openserver 5.0.3
sco openserver 5.0
sco openserver 5.0.1
CVE-2001-1578 LOW

Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local users to modify critical information such as certain CPU registers and segment descriptors.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver 5.0.6
CVE-2001-1579 MEDIUM

The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not properly terminate certain strings with a null, which allows remote attackers to cause a denial of service.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco open_unix 8.0.0
sco unixware 7
CVE-2002-0716 HIGH

Format string vulnerability in crontab for SCO OpenServer 5.0.5 and 5.0.6 allows local users to gain privileges via format string specifiers in the file name argument.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver 5.0.5
sco openserver 5.0.6
CVE-2002-1199 MEDIUM

The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver 5.0.5
sco openserver 5.0.6a
sco openserver 5.0.6
sun sunos 5.7
caldera openlinux 2.4
caldera openlinux 2.2
sun solaris 9.0
sun sunos 5.8
caldera openlinux 2.3
CVE-2002-1323 MEDIUM

Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware 7.1.2
sgi irix 6.5.17m
sgi irix 6.5.15
safe.pm safe.pm 2.0_7
sgi irix 6.5.20f
sgi irix 6.5.12
sgi irix 6.5.8
sgi irix 6.5.9
sgi irix 6.5.1
sgi irix 6.5.19f
sun sunos 5.8
sgi irix 6.5
sgi irix 6.5.2
redhat enterprise_linux 2.1
sgi irix 6.5.20m
sun solaris 9.0
sgi irix 6.5.6
sgi irix 6.5.5
sgi irix 6.5.7
sgi irix 6.5.11
sgi irix 6.5.13
sgi irix 6.5.10
sgi irix 6.5.4
safe.pm safe.pm 2.0_6
sgi irix 6.5.16
sco open_unix 8.0
sgi irix 6.5.18f
sun solaris 8.0
sun linux 5.0.7
sgi irix 6.5.17f
sgi irix 6.5.3
sco unixware 7.1.3
sgi irix 6.5.21m
sgi irix 6.5.19
sgi irix 6.5.18
sgi irix 6.5.18m
sgi irix 6.5.22
sgi irix 6.5.14
sgi irix 6.5.21f
sgi irix 6.5.17
redhat linux_advanced_workstation 2.1
sgi irix 6.5.19m
CVE-2002-1998 HIGH

Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows remote attackers to execute arbitrary commands via a long parameter to rtable_create (procedure 21).

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco open_unix 8.0.0
sco unixware 7.1.1
CVE-2003-0282 LOW

Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openlinux_workstation 3.1.1
info-zip unzip 5.50
sco openlinux_server 3.1.1
CVE-2003-0597 HIGH

Unknown vulnerability in display of Merge before 5.3.23a in UnixWare 7.1.x allows local users to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver 5.0.7
sco openserver 5.0.6
CVE-2003-0658 MEDIUM

Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
caldera openserver 5.0.7
sco unixware 7.1.3
caldera openlinux_server 3.1.1
caldera openlinux_workstation 3.1.1
CVE-2003-0742 HIGH

SCO Internet Manager (mana) allows local users to execute arbitrary programs by setting the REMOTE_ADDR environment variable to cause menu.mana to run as if it were called from ncsa_httpd, then modifying the PATH environment variable to point to a malicious "hostname" program.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver 5.0.5
sco openserver 5.0.7
sco openserver 5.0.6
CVE-2003-0791 HIGH

The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-502,

Products Affected

Vendor Product Version
sco openserver 5.0.7
mozilla mozilla *
CVE-2003-0834 HIGH

Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware 7.1.3
sco open_unix 8.0
sco unixware 7.1.1
CVE-2003-0872 LOW

Certain scripts in OpenServer before 5.0.6 allow local users to overwrite files and conduct other unauthorized activities via a symlink attack on temporary files.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver 5.0.5
CVE-2003-0914 MEDIUM

ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
isc bind 8.4.1
compaq tru64 4.0f_pk6_bl17
nixu namesurfer standard_3.0.1
isc bind 8.4
sun sunos 5.8
freebsd freebsd 4.7
hp hp-ux 11.11
ibm aix 5.1l
compaq tru64 5.1a_pk1_bl1
isc bind 8.3.4
isc bind 8.2.4
compaq tru64 5.1
isc bind 8.2.5
compaq tru64 4.0g_pk3_bl17
sco unixware 7.1.1
compaq tru64 5.1a_pk4_bl21
netbsd netbsd current
compaq tru64 5.1_pk3_bl17
isc bind 8.2.7
isc bind 8.3.5
compaq tru64 5.1a_pk5_bl23
compaq tru64 5.1b_pk2_bl22
sun solaris 8.0
compaq tru64 4.0f
netbsd netbsd 1.6
freebsd freebsd 4.6
nixu namesurfer suite_3.0.1
isc bind 8.3.2
compaq tru64 4.0f_pk7_bl18
isc bind 8.3.3
isc bind 8.2.3
compaq tru64 5.1a_pk3_bl3
compaq tru64 5.1a
isc bind 8.3.1
netbsd netbsd 1.6.1
compaq tru64 5.1_pk6_bl20
compaq tru64 5.1b
compaq tru64 4.0g_pk4_bl22
freebsd freebsd 4.9
compaq tru64 5.1b_pk1_bl1
isc bind 8.3.6
sun sunos 5.7
compaq tru64 4.0g
freebsd freebsd 5.0
sun solaris 9.0
freebsd freebsd 4.6.2
freebsd freebsd 4.8
compaq tru64 5.1_pk4_bl18
compaq tru64 5.1a_pk2_bl2
isc bind 8.3.0
isc bind 8.2.6
hp hp-ux 11.00
freebsd freebsd 4.4
compaq tru64 5.1_pk5_bl19
freebsd freebsd 4.5
compaq tru64 4.0f_pk8_bl22
sun solaris 7.0
CVE-2003-0937 MEDIUM

SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to bypass protections for the "as" address space file for a process ID (PID) by obtaining a procfs file descriptor for the file and calling execve() on a setuid or setgid program, which leaves the descriptor open to the user.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware 7.1.3
sco open_unix 8.0
sco unixware 7.1.1
CVE-2004-0079 MEDIUM

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,CWE-476,

Products Affected

Vendor Product Version
lite speed_technologies_litespeed_web_server 1.2.2
stonesoft stonegate_vpn_client 2.0.7
openssl openssl 0.9.7c
avaya vsu 100_r2.0.1
openssl openssl 0.9.6d
lite speed_technologies_litespeed_web_server 1.0.2
cisco css_secure_content_accelerator 1.0
avaya sg203 4.31.29
stonesoft stonegate 2.0.6
cisco call_manager *
lite speed_technologies_litespeed_web_server 1.2_rc2
stonesoft stonebeat_webcluster 2.0
securecomputing sidewinder 5.2
securecomputing sidewinder 5.2.0.04
bluecoat cacheos_ca_sa 4.1.12
avaya intuity_audix *
cisco firewall_services_module 1.1.3
avaya sg5 4.3
stonesoft stonegate 2.2.1
checkpoint firewall-1 next_generation_fp1
novell edirectory 8.5.27
avaya s8700 r2.0.0
novell edirectory 8.5
cisco ios 12.1(11)e
freebsd freebsd 5.2.1
symantec clientless_vpn_gateway_4400 5.0
stonesoft stonegate_vpn_client 1.7
checkpoint provider-1 4.1
stonesoft stonegate 1.7.2
avaya converged_communications_server 2.0
checkpoint firewall-1 next_generation_fp0
stonesoft stonebeat_securitycluster 2.5
vmware gsx_server 3.0_build_7592
cisco pix_firewall_software 6.2(2)
cisco pix_firewall 6.2.2_.111
stonesoft stonegate 2.1
cisco pix_firewall_software 6.1
vmware gsx_server 2.5.1
lite speed_technologies_litespeed_web_server 1.3.1
openssl openssl 0.9.6c
dell bsafe_ssl-j 3.1
cisco css11000_content_services_switch *
vmware gsx_server 2.0
dell bsafe_ssl-j 3.0.1
stonesoft stonegate 2.0.8
cisco ios 12.1(13)e9
cisco pix_firewall_software 6.1(3)
cisco ios 12.1(11b)e
stonesoft stonegate 1.6.2
redhat linux 8.0
avaya s8300 r2.0.1
bluecoat cacheos_ca_sa 4.1.10
tarantella tarantella_enterprise 3.40
redhat enterprise_linux_desktop 3.0
cisco webns 6.10
avaya s8700 r2.0.1
avaya sg200 4.31.29
bluecoat proxysg *
securecomputing sidewinder 5.2.1.02
openssl openssl 0.9.6i
avaya vsu 5
cisco css_secure_content_accelerator 2.0
checkpoint vpn-1 next_generation_fp1
cisco okena_stormwatch 3.2
stonesoft stonegate 2.0.4
stonesoft stonegate 2.0.1
hp hp-ux 11.11
cisco webns 7.1_0.2.06
openssl openssl 0.9.6g
checkpoint firewall-1 2.0
4d webstar 5.2
cisco content_services_switch_11500 *
4d webstar 5.2.2
cisco application_and_content_networking_software *
stonesoft stonebeat_fullcluster 3.0
checkpoint vpn-1 next_generation_fp2
vmware gsx_server 2.0.1_build_2129
cisco firewall_services_module 1.1.2
lite speed_technologies_litespeed_web_server 1.0.3
checkpoint firewall-1 next_generation_fp2
redhat openssl 0.9.6-15
cisco pix_firewall_software 6.0(2)
lite speed_technologies_litespeed_web_server 1.1.1
cisco gss_4490_global_site_selector *
openssl openssl 0.9.7a
checkpoint vpn-1 next_generation_fp0
lite speed_technologies_litespeed_web_server 1.2_rc1
sun crypto_accelerator_4000 1.0
lite speed_technologies_litespeed_web_server 1.0.1
avaya vsu 500
novell edirectory 8.6.2
cisco ios 12.1(19)e1
hp hp-ux 8.05
cisco firewall_services_module *
avaya sg203 4.4
freebsd freebsd 4.8
neoteris instant_virtual_extranet 3.0
avaya intuity_audix s3400
freebsd freebsd 5.2
novell imanager 2.0
avaya sg208 4.4
avaya vsu 5x
hp hp-ux 11.00
cisco pix_firewall_software 6.2(3.100)
stonesoft stonegate 1.5.18
lite speed_technologies_litespeed_web_server 1.3_rc1
cisco pix_firewall_software 6.1(4)
stonesoft stonebeat_fullcluster 2.5
cisco pix_firewall_software 6.1(5)
neoteris instant_virtual_extranet 3.1
cisco pix_firewall_software 6.0(1)
cisco pix_firewall_software 6.2(3)
novell edirectory 8.7
securecomputing sidewinder 5.2.0.01
cisco ios 12.2sy
cisco pix_firewall_software 6.0(4.101)
cisco threat_response *
openssl openssl 0.9.7
cisco pix_firewall_software 6.3(3.109)
sgi propack 2.3
neoteris instant_virtual_extranet 3.2
cisco ciscoworks_common_management_foundation 2.1
cisco pix_firewall_software 6.1(2)
cisco ios 12.1(11b)e14
cisco firewall_services_module 2.1_(0.208)
avaya intuity_audix 5.1.46
stonesoft stonegate_vpn_client 2.0.9
cisco mds_9000 *
avaya sg200 4.4
openssl openssl 0.9.6k
openssl openssl 0.9.6j
cisco pix_firewall_software 6.0
4d webstar 5.2.1
cisco webns 7.1_0.1.02
avaya vsu 10000_r2.0.1
openbsd openbsd 3.3
cisco pix_firewall_software 6.1(1)
cisco webns 6.10_b4
hp wbem a.02.00.01
lite speed_technologies_litespeed_web_server 1.2.1
freebsd freebsd 5.1
stonesoft stonegate 1.7
cisco ios 12.2(14)sy
cisco webns 7.2_0.0.03
hp apache-based_web_server 2.0.43.04
openssl openssl 0.9.6e
4d webstar 5.2.4
stonesoft servercluster 2.5
stonesoft stonegate 1.7.1
4d webstar 5.3
cisco pix_firewall_software 6.2
cisco ios 12.1(11b)e12
hp wbem a.01.05.08
lite speed_technologies_litespeed_web_server 1.3_rc3
hp apache-based_web_server 2.0.43.00
securecomputing sidewinder 5.2.1
cisco pix_firewall_software 6.2(1)
cisco ios 12.2za
avaya s8500 r2.0.0
stonesoft stonegate 2.0.7
openssl openssl 0.9.6f
cisco pix_firewall_software 6.3
stonesoft stonebeat_securitycluster 2.0
stonesoft stonegate_vpn_client 1.7.2
stonesoft stonegate_vpn_client 2.0.8
stonesoft stonebeat_fullcluster 2.0
hp hp-ux 11.23
apple mac_os_x_server 10.3.3
stonesoft stonegate_vpn_client 2.0
cisco access_registrar *
novell edirectory 8.5.12a
lite speed_technologies_litespeed_web_server 1.1
redhat linux 7.3
cisco pix_firewall_software 6.0(3)
sco openserver 5.0.7
cisco webns 7.10_.0.06s
securecomputing sidewinder 5.2.0.02
redhat linux 7.2
avaya vsu 5000_r2.0.1
checkpoint firewall-1 *
hp aaa_server *
avaya sg5 4.2
novell imanager 1.5
stonesoft stonegate 2.0.9
4d webstar 5.3.1
stonesoft stonegate 2.2
lite speed_technologies_litespeed_web_server 1.3_rc2
openssl openssl 0.9.6h
neoteris instant_virtual_extranet 3.3
stonesoft stonebeat_fullcluster 1_2.0
apple mac_os_x 10.3.3
avaya vsu 2000_r2.0.1
stonesoft stonegate 1.5.17
cisco pix_firewall_software 6.3(1)
avaya s8500 r2.0.1
avaya vsu 7500_r2.0.1
novell edirectory 8.0
novell edirectory 8.7.1
stonesoft stonegate 2.0.5
cisco gss_4480_global_site_selector *
cisco webns 7.10
redhat openssl 0.9.7a-2
cisco ios 12.2(14)sy1
tarantella tarantella_enterprise 3.20
openbsd openbsd 3.4
dell bsafe_ssl-j 3.0
neoteris instant_virtual_extranet 3.3.1
redhat openssl 0.9.6b-3
lite speed_technologies_litespeed_web_server 1.3
avaya s8300 r2.0.0
vmware gsx_server 2.5.1_build_5336
stonesoft stonebeat_fullcluster 1_3.0
4d webstar 5.2.3
stonesoft servercluster 2.5.2
tarantella tarantella_enterprise 3.30
securecomputing sidewinder 5.2.0.03
freebsd freebsd 4.9
checkpoint vpn-1 vsx_ng_with_application_intelligence
cisco pix_firewall_software 6.3(3.102)
hp wbem a.02.00.00
4d webstar 4.0
cisco ciscoworks_common_services 2.2
stonesoft stonegate 2.2.4
cisco secure_content_accelerator 10000
openssl openssl 0.9.7b
sgi propack 3.0
cisco pix_firewall_software 6.3(2)
avaya intuity_audix s3210
cisco pix_firewall_software 6.0(4)
sgi propack 2.4
sco openserver 5.0.6
cisco firewall_services_module 1.1_(3.005)
redhat enterprise_linux 3.0
stonesoft stonebeat_webcluster 2.5
avaya sg5 4.4
stonesoft stonegate 1.6.3
avaya sg208 *
CVE-2004-0081 MEDIUM

OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
lite speed_technologies_litespeed_web_server 1.2.2
stonesoft stonegate_vpn_client 2.0.7
openssl openssl 0.9.7c
avaya vsu 100_r2.0.1
openssl openssl 0.9.6d
lite speed_technologies_litespeed_web_server 1.0.2
cisco css_secure_content_accelerator 1.0
avaya sg203 4.31.29
stonesoft stonegate 2.0.6
cisco call_manager *
lite speed_technologies_litespeed_web_server 1.2_rc2
stonesoft stonebeat_webcluster 2.0
securecomputing sidewinder 5.2
securecomputing sidewinder 5.2.0.04
bluecoat cacheos_ca_sa 4.1.12
avaya intuity_audix *
cisco firewall_services_module 1.1.3
avaya sg5 4.3
stonesoft stonegate 2.2.1
checkpoint firewall-1 next_generation_fp1
novell edirectory 8.5.27
avaya s8700 r2.0.0
novell edirectory 8.5
cisco ios 12.1(11)e
freebsd freebsd 5.2.1
symantec clientless_vpn_gateway_4400 5.0
stonesoft stonegate_vpn_client 1.7
checkpoint provider-1 4.1
stonesoft stonegate 1.7.2
avaya converged_communications_server 2.0
checkpoint firewall-1 next_generation_fp0
stonesoft stonebeat_securitycluster 2.5
vmware gsx_server 3.0_build_7592
cisco pix_firewall_software 6.2(2)
cisco pix_firewall 6.2.2_.111
stonesoft stonegate 2.1
cisco pix_firewall_software 6.1
vmware gsx_server 2.5.1
lite speed_technologies_litespeed_web_server 1.3.1
openssl openssl 0.9.6c
dell bsafe_ssl-j 3.1
cisco css11000_content_services_switch *
vmware gsx_server 2.0
dell bsafe_ssl-j 3.0.1
stonesoft stonegate 2.0.8
cisco ios 12.1(13)e9
cisco pix_firewall_software 6.1(3)
cisco ios 12.1(11b)e
stonesoft stonegate 1.6.2
redhat linux 8.0
avaya s8300 r2.0.1
bluecoat cacheos_ca_sa 4.1.10
tarantella tarantella_enterprise 3.40
redhat enterprise_linux_desktop 3.0
cisco webns 6.10
avaya s8700 r2.0.1
avaya sg200 4.31.29
bluecoat proxysg *
securecomputing sidewinder 5.2.1.02
openssl openssl 0.9.6i
avaya vsu 5
cisco css_secure_content_accelerator 2.0
checkpoint vpn-1 next_generation_fp1
cisco okena_stormwatch 3.2
stonesoft stonegate 2.0.4
stonesoft stonegate 2.0.1
hp hp-ux 11.11
cisco webns 7.1_0.2.06
openssl openssl 0.9.6g
checkpoint firewall-1 2.0
4d webstar 5.2
cisco content_services_switch_11500 *
4d webstar 5.2.2
cisco application_and_content_networking_software *
stonesoft stonebeat_fullcluster 3.0
vmware gsx_server 2.0.1_build_2129
cisco firewall_services_module 1.1.2
lite speed_technologies_litespeed_web_server 1.0.3
checkpoint firewall-1 next_generation_fp2
redhat openssl 0.9.6-15
cisco pix_firewall_software 6.0(2)
lite speed_technologies_litespeed_web_server 1.1.1
cisco gss_4490_global_site_selector *
openssl openssl 0.9.7a
checkpoint vpn-1 next_generation_fp0
lite speed_technologies_litespeed_web_server 1.2_rc1
sun crypto_accelerator_4000 1.0
lite speed_technologies_litespeed_web_server 1.0.1
avaya vsu 500
novell edirectory 8.6.2
cisco ios 12.1(19)e1
hp hp-ux 8.05
cisco firewall_services_module *
avaya sg203 4.4
freebsd freebsd 4.8
neoteris instant_virtual_extranet 3.0
avaya intuity_audix s3400
freebsd freebsd 5.2
novell imanager 2.0
avaya sg208 4.4
avaya vsu 5x
hp hp-ux 11.00
cisco pix_firewall_software 6.2(3.100)
stonesoft stonegate 1.5.18
lite speed_technologies_litespeed_web_server 1.3_rc1
cisco pix_firewall_software 6.1(4)
stonesoft stonebeat_fullcluster 2.5
cisco pix_firewall_software 6.1(5)
neoteris instant_virtual_extranet 3.1
cisco pix_firewall_software 6.0(1)
cisco pix_firewall_software 6.2(3)
novell edirectory 8.7
securecomputing sidewinder 5.2.0.01
cisco ios 12.2sy
cisco pix_firewall_software 6.0(4.101)
cisco threat_response *
openssl openssl 0.9.7
cisco pix_firewall_software 6.3(3.109)
sgi propack 2.3
neoteris instant_virtual_extranet 3.2
cisco ciscoworks_common_management_foundation 2.1
cisco pix_firewall_software 6.1(2)
cisco ios 12.1(11b)e14
cisco firewall_services_module 2.1_(0.208)
avaya intuity_audix 5.1.46
stonesoft stonegate_vpn_client 2.0.9
cisco mds_9000 *
avaya sg200 4.4
openssl openssl 0.9.6k
openssl openssl 0.9.6j
cisco pix_firewall_software 6.0
4d webstar 5.2.1
cisco webns 7.1_0.1.02
avaya vsu 10000_r2.0.1
openbsd openbsd 3.3
cisco pix_firewall_software 6.1(1)
cisco webns 6.10_b4
hp wbem a.02.00.01
lite speed_technologies_litespeed_web_server 1.2.1
freebsd freebsd 5.1
stonesoft stonegate 1.7
cisco ios 12.2(14)sy
cisco webns 7.2_0.0.03
hp apache-based_web_server 2.0.43.04
openssl openssl 0.9.6e
4d webstar 5.2.4
stonesoft servercluster 2.5
stonesoft stonegate 1.7.1
4d webstar 5.3
cisco pix_firewall_software 6.2
cisco ios 12.1(11b)e12
hp wbem a.01.05.08
lite speed_technologies_litespeed_web_server 1.3_rc3
hp apache-based_web_server 2.0.43.00
securecomputing sidewinder 5.2.1
cisco pix_firewall_software 6.2(1)
cisco ios 12.2za
avaya s8500 r2.0.0
stonesoft stonegate 2.0.7
openssl openssl 0.9.6f
cisco pix_firewall_software 6.3
stonesoft stonebeat_securitycluster 2.0
stonesoft stonegate_vpn_client 1.7.2
stonesoft stonegate_vpn_client 2.0.8
stonesoft stonebeat_fullcluster 2.0
hp hp-ux 11.23
apple mac_os_x_server 10.3.3
stonesoft stonegate_vpn_client 2.0
cisco access_registrar *
novell edirectory 8.5.12a
lite speed_technologies_litespeed_web_server 1.1
redhat linux 7.3
cisco pix_firewall_software 6.0(3)
sco openserver 5.0.7
cisco webns 7.10_.0.06s
securecomputing sidewinder 5.2.0.02
redhat linux 7.2
avaya vsu 5000_r2.0.1
checkpoint firewall-1 *
hp aaa_server *
checkpoint vpn-1 next_generation
avaya sg5 4.2
novell imanager 1.5
stonesoft stonegate 2.0.9
4d webstar 5.3.1
stonesoft stonegate 2.2
lite speed_technologies_litespeed_web_server 1.3_rc2
openssl openssl 0.9.6h
neoteris instant_virtual_extranet 3.3
stonesoft stonebeat_fullcluster 1_2.0
apple mac_os_x 10.3.3
avaya vsu 2000_r2.0.1
stonesoft stonegate 1.5.17
cisco pix_firewall_software 6.3(1)
avaya s8500 r2.0.1
avaya vsu 7500_r2.0.1
novell edirectory 8.0
novell edirectory 8.7.1
stonesoft stonegate 2.0.5
cisco gss_4480_global_site_selector *
cisco webns 7.10
redhat openssl 0.9.7a-2
cisco ios 12.2(14)sy1
tarantella tarantella_enterprise 3.20
openbsd openbsd 3.4
dell bsafe_ssl-j 3.0
neoteris instant_virtual_extranet 3.3.1
redhat openssl 0.9.6b-3
lite speed_technologies_litespeed_web_server 1.3
avaya s8300 r2.0.0
vmware gsx_server 2.5.1_build_5336
stonesoft stonebeat_fullcluster 1_3.0
4d webstar 5.2.3
stonesoft servercluster 2.5.2
tarantella tarantella_enterprise 3.30
securecomputing sidewinder 5.2.0.03
freebsd freebsd 4.9
checkpoint vpn-1 vsx_ng_with_application_intelligence
cisco pix_firewall_software 6.3(3.102)
hp wbem a.02.00.00
4d webstar 4.0
cisco ciscoworks_common_services 2.2
stonesoft stonegate 2.2.4
cisco secure_content_accelerator 10000
openssl openssl 0.9.7b
sgi propack 3.0
cisco pix_firewall_software 6.3(2)
avaya intuity_audix s3210
cisco pix_firewall_software 6.0(4)
sgi propack 2.4
sco openserver 5.0.6
cisco firewall_services_module 1.1_(3.005)
redhat enterprise_linux 3.0
stonesoft stonebeat_webcluster 2.5
avaya sg5 4.4
stonesoft stonegate 1.6.3
avaya sg208 *
CVE-2004-0112 MEDIUM

The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
openssl openssl 0.9.7c
avaya vsu 100_r2.0.1
openssl openssl 0.9.6d
cisco css_secure_content_accelerator 1.0
avaya sg203 4.31.29
cisco call_manager *
stonesoft stonebeat_webcluster 2.0
securecomputing sidewinder 5.2
securecomputing sidewinder 5.2.0.04
bluecoat cacheos_ca_sa 4.1.12
avaya intuity_audix *
cisco firewall_services_module 1.1.3
avaya sg5 4.3
checkpoint firewall-1 next_generation_fp1
novell edirectory 8.5.27
avaya s8700 r2.0.0
novell edirectory 8.5
cisco ios 12.1(11)e
freebsd freebsd 5.2.1
symantec clientless_vpn_gateway_4400 5.0
checkpoint provider-1 4.1
avaya converged_communications_server 2.0
checkpoint firewall-1 next_generation_fp0
stonesoft stonebeat_securitycluster 2.5
vmware gsx_server 3.0_build_7592
cisco pix_firewall_software 6.2(2)
cisco pix_firewall 6.2.2_.111
forcepoint stonegate 2.2.4
cisco pix_firewall_software 6.1
vmware gsx_server 2.5.1
forcepoint stonegate 1.5.17
openssl openssl 0.9.6c
dell bsafe_ssl-j 3.1
cisco css11000_content_services_switch *
vmware gsx_server 2.0
dell bsafe_ssl-j 3.0.1
cisco ios 12.1(13)e9
forcepoint stonegate 2.0.7
cisco pix_firewall_software 6.1(3)
cisco ios 12.1(11b)e
redhat linux 8.0
avaya s8300 r2.0.1
forcepoint stonegate 1.6.2
bluecoat cacheos_ca_sa 4.1.10
tarantella tarantella_enterprise 3.40
redhat enterprise_linux_desktop 3.0
cisco webns 6.10
avaya s8700 r2.0.1
avaya sg200 4.31.29
bluecoat proxysg *
securecomputing sidewinder 5.2.1.02
openssl openssl 0.9.6i
avaya vsu 5
cisco css_secure_content_accelerator 2.0
checkpoint vpn-1 next_generation_fp1
cisco okena_stormwatch 3.2
forcepoint stonegate 2.0.1
hp hp-ux 11.11
cisco webns 7.1_0.2.06
openssl openssl 0.9.6g
checkpoint firewall-1 2.0
4d webstar 5.2
cisco content_services_switch_11500 *
4d webstar 5.2.2
cisco application_and_content_networking_software *
stonesoft stonebeat_fullcluster 3.0
checkpoint vpn-1 next_generation_fp2
vmware gsx_server 2.0.1_build_2129
cisco firewall_services_module 1.1.2
checkpoint firewall-1 next_generation_fp2
redhat openssl 0.9.6-15
cisco pix_firewall_software 6.0(2)
cisco gss_4490_global_site_selector *
openssl openssl 0.9.7a
checkpoint vpn-1 next_generation_fp0
sun crypto_accelerator_4000 1.0
avaya vsu 500
novell edirectory 8.6.2
cisco ios 12.1(19)e1
hp hp-ux 8.05
cisco firewall_services_module *
avaya sg203 4.4
freebsd freebsd 4.8
neoteris instant_virtual_extranet 3.0
avaya intuity_audix s3400
freebsd freebsd 5.2
novell imanager 2.0
avaya sg208 4.4
avaya vsu 5x
hp hp-ux 11.00
cisco pix_firewall_software 6.2(3.100)
cisco pix_firewall_software 6.1(4)
stonesoft stonebeat_fullcluster 2.5
forcepoint stonegate 1.7
cisco pix_firewall_software 6.1(5)
neoteris instant_virtual_extranet 3.1
cisco pix_firewall_software 6.0(1)
forcepoint stonegate 2.0.9
cisco pix_firewall_software 6.2(3)
novell edirectory 8.7
securecomputing sidewinder 5.2.0.01
cisco ios 12.2sy
cisco pix_firewall_software 6.0(4.101)
cisco threat_response *
openssl openssl 0.9.7
cisco pix_firewall_software 6.3(3.109)
sgi propack 2.3
forcepoint stonegate 1.7.2
neoteris instant_virtual_extranet 3.2
litespeedtech litespeed_web_server 1.0.1
cisco ciscoworks_common_management_foundation 2.1
cisco pix_firewall_software 6.1(2)
cisco ios 12.1(11b)e14
cisco firewall_services_module 2.1_(0.208)
avaya intuity_audix 5.1.46
forcepoint stonegate 1.6.3
cisco mds_9000 *
avaya sg200 4.4
openssl openssl 0.9.6k
openssl openssl 0.9.6j
cisco pix_firewall_software 6.0
4d webstar 5.2.1
cisco webns 7.1_0.1.02
avaya vsu 10000_r2.0.1
openbsd openbsd 3.3
forcepoint stonegate 2.2.1
cisco pix_firewall_software 6.1(1)
cisco webns 6.10_b4
hp wbem a.02.00.01
freebsd freebsd 5.1
forcepoint stonegate 1.7.1
cisco ios 12.2(14)sy
cisco webns 7.2_0.0.03
hp apache-based_web_server 2.0.43.04
openssl openssl 0.9.6e
4d webstar 5.2.4
stonesoft servercluster 2.5
4d webstar 5.3
cisco pix_firewall_software 6.2
cisco ios 12.1(11b)e12
hp wbem a.01.05.08
hp apache-based_web_server 2.0.43.00
securecomputing sidewinder 5.2.1
cisco pix_firewall_software 6.2(1)
cisco ios 12.2za
forcepoint stonegate 2.0.8
avaya s8500 r2.0.0
openssl openssl 0.9.6f
cisco pix_firewall_software 6.3
stonesoft stonebeat_securitycluster 2.0
forcepoint stonegate 1.5.18
forcepoint stonegate 2.0.6
stonesoft stonebeat_fullcluster 2.0
hp hp-ux 11.23
apple mac_os_x_server 10.3.3
cisco access_registrar *
novell edirectory 8.5.12a
redhat linux 7.3
cisco pix_firewall_software 6.0(3)
sco openserver 5.0.7
cisco webns 7.10_.0.06s
securecomputing sidewinder 5.2.0.02
redhat linux 7.2
avaya vsu 5000_r2.0.1
checkpoint firewall-1 *
hp aaa_server *
forcepoint stonegate 2.0.5
avaya sg5 4.2
novell imanager 1.5
4d webstar 5.3.1
openssl openssl 0.9.6h
neoteris instant_virtual_extranet 3.3
stonesoft stonebeat_fullcluster 1_2.0
apple mac_os_x 10.3.3
avaya vsu 2000_r2.0.1
cisco pix_firewall_software 6.3(1)
avaya s8500 r2.0.1
avaya vsu 7500_r2.0.1
novell edirectory 8.0
novell edirectory 8.7.1
forcepoint stonegate 2.1
cisco gss_4480_global_site_selector *
cisco webns 7.10
redhat openssl 0.9.7a-2
cisco ios 12.2(14)sy1
tarantella tarantella_enterprise 3.20
openbsd openbsd 3.4
dell bsafe_ssl-j 3.0
neoteris instant_virtual_extranet 3.3.1
redhat openssl 0.9.6b-3
forcepoint stonegate 2.2
avaya s8300 r2.0.0
vmware gsx_server 2.5.1_build_5336
stonesoft stonebeat_fullcluster 1_3.0
4d webstar 5.2.3
stonesoft servercluster 2.5.2
tarantella tarantella_enterprise 3.30
securecomputing sidewinder 5.2.0.03
forcepoint stonegate 2.0.4
freebsd freebsd 4.9
checkpoint vpn-1 vsx_ng_with_application_intelligence
cisco pix_firewall_software 6.3(3.102)
hp wbem a.02.00.00
4d webstar 4.0
cisco ciscoworks_common_services 2.2
cisco secure_content_accelerator 10000
openssl openssl 0.9.7b
sgi propack 3.0
cisco pix_firewall_software 6.3(2)
avaya intuity_audix s3210
cisco pix_firewall_software 6.0(4)
sgi propack 2.4
sco openserver 5.0.6
cisco firewall_services_module 1.1_(3.005)
redhat enterprise_linux 3.0
stonesoft stonebeat_webcluster 2.5
avaya sg5 4.4
avaya sg208 *
CVE-2004-0390 HIGH

SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style access control when users log in using scologin, which allows remote attackers to gain unauthorized access to an X session via other X login methods.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver 5.0.5
sco openserver 5.0.7
sco openserver 5.0.6
CVE-2004-0510 HIGH

Multiple buffer overflows in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to execute arbitrary code, as demonstrated via the execmail program.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver 5.0.7
sco openserver 5.0.6a
sco openserver 5.0.6
CVE-2004-0511 LOW

Multiple unknown vulnerabilities in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to cause a denial of service by triggering a null dereference.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver 5.0.7
sco openserver 5.0.6a
sco openserver 5.0.6
CVE-2004-0512 LOW

Multiple unknown vulnerabilities in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to cause a denial of service by triggering a core dump.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver 5.0.7
sco openserver 5.0.6a
sco openserver 5.0.6
CVE-2004-0996 LOW

main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
cscope cscope 15.1
sco unixware 7.1.3
sco unixware 7.1.4
cscope cscope 15.5
cscope cscope 15.4
gentoo linux *
sco unixware 7.1.1
cscope cscope 15.3
debian debian_linux 3.0
cscope cscope 13.0
CVE-2004-1039 MEDIUM

The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, when run from inetd, allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests, which causes inetd to launch a separate process for each request.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver 5.0.7
sco unixware 7.1.3
sco openserver 5.0.6
sco unixware 7.1.4
sco unixware 7.1.1
CVE-2004-1082 HIGH

mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
apache http_server 1.3.20
apache http_server 1.3.26
ibm http_server 1.3.19
apache http_server 1.3.7
hp webproxy a.02.10
apache http_server 1.3.25
apache http_server 1.3.29
sun sunos 5.8
apache http_server 1.3
apache http_server 1.3.24
apache http_server 1.3.23
apache http_server 1.3.22
apache http_server 1.3.12
avaya modular_messaging_message_storage_server 1.1
sun solaris 9.0
hp virtualvault 4.5
avaya communication_manager 1.3.1
avaya communication_manager 2.0
apache http_server 1.3.18
hp virtualvault 4.6
apache http_server 1.3.14
avaya communication_manager 2.0.1
avaya communication_manager 1.1
openbsd openbsd 3.5
hp virtualvault 4.7
sun solaris 8.0
apache http_server 1.3.19
apache http_server 1.3.9
apache http_server 1.3.4
apache http_server 1.3.17
apache http_server 1.3.6
apache http_server 1.3.11
avaya mn100 *
avaya modular_messaging_message_storage_server 2.0
sco openserver 5.0.7
apple apache_mod_digest_apple *
sco openserver 5.0.6
avaya intuity_audix_lx *
apache http_server 1.3.28
avaya network_routing *
hp webproxy a.02.00
openbsd openbsd current
apache http_server 1.3.27
apache http_server 1.3.1
openbsd openbsd 3.4
apache http_server 1.3.3
CVE-2004-1124 MEDIUM

Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the chroot jail and conduct unauthorized activities.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver 5.0.7
sco unixware 7.1.3
sco openserver 5.0.6
sco unixware 7.1.4
sco unixware 7.1.1
CVE-2004-1131 HIGH

Multiple buffer overflows in the enable command for SCO OpenServer 5.0.6 and 5.0.7 allow local users to execute arbitrary code via long command line arguments.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver 5.0.7
sco openserver 5.0.6
CVE-2004-1307 HIGH

Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
avaya interactive_response 1.3
libtiff libtiff 3.5.2
sun sunos 5.8
apple mac_os_x 10.3.2
conectiva linux 10.0
apple mac_os_x_server 10.3.9
sco unixware 7.1.4
f5 icontrol_service_manager 1.3
libtiff libtiff 3.5.7
apple mac_os_x 10.3.3
avaya modular_messaging_message_storage_server 1.1
avaya call_management_system_server 11.0
f5 icontrol_service_manager 1.3.4
apple mac_os_x_server 10.3.4
avaya integrated_management *
apple mac_os_x 10.3.5
apple mac_os_x_server 10.3.1
sun solaris 8.0
avaya cvlan *
avaya call_management_system_server 13.0
avaya mn100 *
libtiff libtiff 3.5.4
avaya intuity_audix_lx *
mandrakesoft mandrake_linux 10.0
apple mac_os_x_server 10.3.7
libtiff libtiff 3.6.1
sun solaris 10.0
libtiff libtiff 3.5.5
libtiff libtiff 3.7.0
apple mac_os_x 10.3.7
avaya call_management_system_server 8.0
avaya interactive_response 1.2.1
avaya interactive_response *
mandrakesoft mandrake_linux_corporate_server 3.0
conectiva linux 9.0
avaya call_management_system_server 12.0
apple mac_os_x_server 10.3.6
apple mac_os_x 10.3
apple mac_os_x 10.3.6
libtiff libtiff 3.4
libtiff libtiff 3.5.3
sun sunos 5.7
apple mac_os_x 10.3.8
apple mac_os_x_server 10.3.5
apple mac_os_x 10.3.1
sun solaris 9.0
mandrakesoft mandrake_linux 10.1
apple mac_os_x_server 10.3.3
apple mac_os_x 10.3.9
avaya call_management_system_server 9.0
apple mac_os_x_server 10.3
sgi propack 3.0
libtiff libtiff 3.6.0
apple mac_os_x_server 10.3.2
libtiff libtiff 3.5.1
f5 icontrol_service_manager 1.3.6
avaya modular_messaging_message_storage_server 2.0
apple mac_os_x_server 10.3.8
apple mac_os_x 10.3.4
sun solaris 7.0
f5 icontrol_service_manager 1.3.5
gentoo linux *
CVE-2005-0109 MEDIUM

Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
freebsd freebsd 3.0
redhat enterprise_linux_desktop 4.0
sco unixware 7.1.3_up
freebsd freebsd 4.7
freebsd freebsd 3.2
redhat enterprise_linux 2.1
ubuntu ubuntu_linux 5.04
sco unixware 7.1.4
freebsd freebsd 2.1.6
freebsd freebsd 3.3
freebsd freebsd 4.3
freebsd freebsd 2.1.0
freebsd freebsd 2.1.6.1
freebsd freebsd 2.2.2
freebsd freebsd 4.10
freebsd freebsd 4.0
freebsd freebsd 5.2.1
sun solaris 8.0
ubuntu ubuntu_linux 4.1
freebsd freebsd 4.1.1
freebsd freebsd 4.2
freebsd freebsd 5.1
freebsd freebsd 4.6
redhat fedora_core core_3.0
freebsd freebsd 2.2.5
sun solaris 10.0
freebsd freebsd 3.1
freebsd freebsd 2.0
freebsd freebsd 2.2.6
freebsd freebsd 4.9
freebsd freebsd 2.1.5
freebsd freebsd 2.1.7.1
freebsd freebsd 2.2.4
freebsd freebsd 2.2.8
freebsd freebsd 5.0
freebsd freebsd 4.11
sun solaris 9.0
freebsd freebsd 4.6.2
freebsd freebsd 4.8
freebsd freebsd 5.3
freebsd freebsd 5.4
redhat enterprise_linux 4.0
freebsd freebsd 3.5.1
freebsd freebsd 3.5
freebsd freebsd 5.2
freebsd freebsd 2.0.5
redhat enterprise_linux_desktop 3.0
freebsd freebsd 3.4
freebsd freebsd 2.2.3
freebsd freebsd 4.1
sco openserver 5.0.7
sco unixware 7.1.3
freebsd freebsd 4.4
freebsd freebsd 2.2
freebsd freebsd 4.5
redhat enterprise_linux 3.0
sun solaris 7.0
freebsd freebsd 1.1.5.1
CVE-2005-0134 MEDIUM

The X server in SCO UnixWare 7.1.1, 7.1.3, and 7.1.4 does not properly create socket directories in /tmp, which could allow attackers to hijack local sockets.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware 7.1.3
sco unixware 7.1.4
sco unixware 7.1.1
CVE-2005-0351 MEDIUM

Buffer overflow in (1) termsh, (2) atcronsh, and (3) auditsh in SCO OpenServer 5.0.6 and 5.0.7 might allow local users to execute arbitrary code via a long HOME environment variable.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
sco openserver 5.0.7
sco openserver 5.0.6
CVE-2005-0993 MEDIUM

Buffer overflow in nwprint in SCO OpenServer 5.0.7 allows local users to execute arbitrary code via a long command line argument.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver 5.0.7
sco openserver 5.0.6
CVE-2005-2132 LOW

RPC portmapper (rpcbind) in SCO UnixWare 7.1.1 m5, 7.1.3 mp5, and 7.1.4 mp2 allows remote attackers or local users to cause a denial of service (lack of response) via multiple invalid portmap requests.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware 7.1.4_mp2
sco unixware 7.1.3_mp5
sco unixware 7.1.1_m5
CVE-2005-2926 MEDIUM

Stack-based buffer overflow in (1) backupsh and (2) authsh in SCO Openserver 5.0.7 allows local users to execute arbitrary code via a long HOME environment variable.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver *
CVE-2005-2927 HIGH

Stack-based buffer overflow in ppp in SCO Unixware 7.1.3 and 7.1.4, and possibly earlier versions, allows local users to execute arbitrary code via a long argument to the (1) prompt or (2) defprompt command.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware 7.1.3
sco unixware 7.1.4
CVE-2005-2934 HIGH

Unspecified vulnerability in ptrace in SCO UnixWare 7.1.3 and 7.1.4 allows local users to gain privileges via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware 7.1.3
sco unixware 7.1.4
CVE-2005-3624 MEDIUM

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-189,

Products Affected

Vendor Product Version
turbolinux turbolinux_server 8.0
turbolinux turbolinux fuji
suse suse_linux 9.2
redhat fedora_core core_1.0
redhat enterprise_linux_desktop 4.0
slackware slackware_linux 9.0
tetex tetex 2.0.1
conectiva linux 10.0
suse suse_linux 9.0
turbolinux turbolinux_workstation 8.0
turbolinux turbolinux 10
redhat enterprise_linux 2.1
ubuntu ubuntu_linux 5.04
redhat fedora_core core_2.0
tetex tetex 1.0.7
kde kpdf 3.4.3
redhat linux 9.0
kde koffice 1.4
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux 2006
suse suse_linux 9.1
kde koffice 1.4.2
turbolinux turbolinux_appliance_server 1.0_hosting_edition
easy_software_products cups 1.1.23_rc1
redhat fedora_core core_4.0
kde kdegraphics 3.2
suse suse_linux 10.0
ubuntu ubuntu_linux 4.1
easy_software_products cups 1.1.22_rc1
turbolinux turbolinux_multimedia *
turbolinux turbolinux_server 10.0_x86
xpdf xpdf 3.0
turbolinux turbolinux_desktop 10.0
turbolinux turbolinux_server 10.0
debian debian_linux 3.1
redhat fedora_core core_3.0
easy_software_products cups 1.1.23
slackware slackware_linux 10.0
redhat linux_advanced_workstation 2.1
suse suse_linux 9.3
slackware slackware_linux 9.1
tetex tetex 3.0
mandrakesoft mandrake_linux_corporate_server 3.0
tetex tetex 2.0
mandrakesoft mandrake_linux 10.2
tetex tetex 2.0.2
sco openserver 6.0
ubuntu ubuntu_linux 5.10
turbolinux turbolinux_appliance_server 1.0_workgroup_edition
slackware slackware_linux 10.1
trustix secure_linux 2.2
easy_software_products cups 1.1.22
redhat enterprise_linux 4.0
mandrakesoft mandrake_linux 10.1
suse suse_linux 1.0
trustix secure_linux 3.0
trustix secure_linux 2.0
sgi propack 3.0
kde kpdf 3.2
kde kdegraphics 3.4.3
redhat enterprise_linux_desktop 3.0
debian debian_linux 3.0
redhat linux 7.3
libextractor libextractor *
sco openserver 5.0.7
poppler poppler 0.4.2
kde koffice 1.4.1
redhat enterprise_linux 3.0
turbolinux turbolinux_home *
turbolinux turbolinux_personal *
slackware slackware_linux 10.2
kde kword 1.4.2
gentoo linux *
CVE-2005-3625 HIGH

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
turbolinux turbolinux_server 8.0
turbolinux turbolinux fuji
suse suse_linux 9.2
redhat fedora_core core_1.0
redhat enterprise_linux_desktop 4.0
slackware slackware_linux 9.0
tetex tetex 2.0.1
conectiva linux 10.0
suse suse_linux 9.0
turbolinux turbolinux_workstation 8.0
turbolinux turbolinux 10
redhat enterprise_linux 2.1
ubuntu ubuntu_linux 5.04
redhat fedora_core core_2.0
tetex tetex 1.0.7
kde kpdf 3.4.3
redhat linux 9.0
kde koffice 1.4
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux 2006
suse suse_linux 9.1
kde koffice 1.4.2
turbolinux turbolinux_appliance_server 1.0_hosting_edition
easy_software_products cups 1.1.23_rc1
redhat fedora_core core_4.0
kde kdegraphics 3.2
suse suse_linux 10.0
ubuntu ubuntu_linux 4.1
easy_software_products cups 1.1.22_rc1
turbolinux turbolinux_multimedia *
turbolinux turbolinux_server 10.0_x86
xpdf xpdf 3.0
turbolinux turbolinux_desktop 10.0
turbolinux turbolinux_server 10.0
debian debian_linux 3.1
redhat fedora_core core_3.0
easy_software_products cups 1.1.23
slackware slackware_linux 10.0
redhat linux_advanced_workstation 2.1
suse suse_linux 9.3
slackware slackware_linux 9.1
tetex tetex 3.0
mandrakesoft mandrake_linux_corporate_server 3.0
tetex tetex 2.0
mandrakesoft mandrake_linux 10.2
tetex tetex 2.0.2
sco openserver 6.0
ubuntu ubuntu_linux 5.10
turbolinux turbolinux_appliance_server 1.0_workgroup_edition
slackware slackware_linux 10.1
trustix secure_linux 2.2
easy_software_products cups 1.1.22
redhat enterprise_linux 4.0
mandrakesoft mandrake_linux 10.1
suse suse_linux 1.0
trustix secure_linux 3.0
trustix secure_linux 2.0
sgi propack 3.0
kde kpdf 3.2
kde kdegraphics 3.4.3
redhat enterprise_linux_desktop 3.0
debian debian_linux 3.0
redhat linux 7.3
libextractor libextractor *
sco openserver 5.0.7
poppler poppler 0.4.2
kde koffice 1.4.1
redhat enterprise_linux 3.0
turbolinux turbolinux_home *
turbolinux turbolinux_personal *
slackware slackware_linux 10.2
kde kword 1.4.2
gentoo linux *
CVE-2005-3626 MEDIUM

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
turbolinux turbolinux_server 8.0
turbolinux turbolinux fuji
suse suse_linux 9.2
redhat fedora_core core_1.0
redhat enterprise_linux_desktop 4.0
slackware slackware_linux 9.0
tetex tetex 2.0.1
conectiva linux 10.0
suse suse_linux 9.0
turbolinux turbolinux_workstation 8.0
turbolinux turbolinux 10
redhat enterprise_linux 2.1
ubuntu ubuntu_linux 5.04
redhat fedora_core core_2.0
tetex tetex 1.0.7
kde kpdf 3.4.3
redhat linux 9.0
kde koffice 1.4
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux 2006
suse suse_linux 9.1
kde koffice 1.4.2
turbolinux turbolinux_appliance_server 1.0_hosting_edition
easy_software_products cups 1.1.23_rc1
redhat fedora_core core_4.0
kde kdegraphics 3.2
suse suse_linux 10.0
ubuntu ubuntu_linux 4.1
easy_software_products cups 1.1.22_rc1
turbolinux turbolinux_multimedia *
turbolinux turbolinux_server 10.0_x86
xpdf xpdf 3.0
turbolinux turbolinux_desktop 10.0
turbolinux turbolinux_server 10.0
debian debian_linux 3.1
redhat fedora_core core_3.0
easy_software_products cups 1.1.23
slackware slackware_linux 10.0
redhat linux_advanced_workstation 2.1
suse suse_linux 9.3
slackware slackware_linux 9.1
tetex tetex 3.0
mandrakesoft mandrake_linux_corporate_server 3.0
tetex tetex 2.0
mandrakesoft mandrake_linux 10.2
tetex tetex 2.0.2
sco openserver 6.0
ubuntu ubuntu_linux 5.10
turbolinux turbolinux_appliance_server 1.0_workgroup_edition
slackware slackware_linux 10.1
trustix secure_linux 2.2
easy_software_products cups 1.1.22
redhat enterprise_linux 4.0
mandrakesoft mandrake_linux 10.1
suse suse_linux 1.0
trustix secure_linux 3.0
trustix secure_linux 2.0
sgi propack 3.0
kde kpdf 3.2
kde kdegraphics 3.4.3
redhat enterprise_linux_desktop 3.0
debian debian_linux 3.0
redhat linux 7.3
libextractor libextractor *
sco openserver 5.0.7
poppler poppler 0.4.2
kde koffice 1.4.1
redhat enterprise_linux 3.0
turbolinux turbolinux_home *
turbolinux turbolinux_personal *
slackware slackware_linux 10.2
kde kword 1.4.2
gentoo linux *
CVE-2005-3903 MEDIUM

Buffer overflow in uidadmin in SCO Unixware 7.1.3 and 7.1.4 allows local users to execute arbitrary code via a -S (scheme) argument that specifies a large file, a different vulnerability than CVE-2001-1063.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco unixware 7.1.3
sco unixware 7.1.4
CVE-2006-0072 HIGH

Buffer overflow in termsh on SCO OpenServer 5.0.7 allows remote attackers to execute arbitrary code via a long -o command line argument. NOTE: this is probably a different vulnerability than CVE-2005-0351 since it involves a distinct attack vector.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco openserver 5.0.5
sco openserver 5.0.4
sco openserver 5.0.2
sco openserver 5.0.7
sco openserver 5.0.6a
sco openserver 5.0.6
sco openserver 5.0.3
sco openserver 5.0
sco openserver 5.0.1
CVE-2011-1432 MEDIUM

The STARTTLS implementation in SCO SCOoffice Server does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sco scoofficeserver *