MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| university_of_washington | pine | 4.02 |
| hp | dtmail | * |
| sco | unixware | 7.0 |
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sgi | irix | 5.0.1 |
| sco | open_desktop | 3.0 |
| sgi | irix | 4.0.5_iop |
| data_general | dg_ux | 5.4_4.1 |
| ibm | aix | 4.2 |
| sgi | irix | 5.1.1 |
| sgi | irix | 4.0.5f |
| sun | sunos | 5.4 |
| sgi | irix | 4.0.4 |
| sgi | irix | 4.0.4t |
| sgi | irix | 6.2 |
| sgi | irix | 4.0.2 |
| sgi | irix | 4.0.1t |
| sun | solaris | 2.5 |
| sgi | irix | 4.0.5_ipr |
| sco | open_desktop | 5.0 |
| redhat | linux | 4.2 |
| sgi | irix | 4.0.3 |
| sgi | irix | 6.3 |
| sun | sunos | 5.5.1 |
| sun | sunos | 5.3 |
| bsdi | bsd_os | 2.0.1 |
| sgi | irix | 4.0.5e |
| caldera | openlinux | 1.0 |
| ibm | aix | 4.2.1 |
| sgi | irix | 3.3.3 |
| sgi | irix | 6.0 |
| sgi | irix | 4.0.5g |
| netbsd | netbsd | 1.2.1 |
| ibm | aix | 4.1.2 |
| netbsd | netbsd | 1.0 |
| sgi | irix | 3.2 |
| sgi | irix | 4.0.5h |
| redhat | linux | 4.1 |
| sco | unixware | 2.1 |
| ibm | aix | 4.1.5 |
| sco | unixware | 7.0 |
| nec | asl_ux_4800 | 64 |
| sgi | irix | 4.0.5 |
| sgi | irix | 5.2 |
| netbsd | netbsd | 1.2 |
| ibm | aix | 4.1 |
| isc | bind | 8.1 |
| ibm | aix | 4.1.1 |
| sun | sunos | 5.5 |
| sgi | irix | 5.0 |
| sun | sunos | - |
| bsdi | bsd_os | 2.0 |
| sgi | irix | 3.3.1 |
| sgi | irix | 4.0.5d |
| netbsd | netbsd | 1.1 |
| sgi | irix | 4.0.4b |
| sgi | irix | 4.0 |
| ibm | aix | 4.1.4 |
| sgi | irix | 6.1 |
| ibm | aix | 4.3 |
| isc | bind | 4.9.6 |
| sgi | irix | 5.3 |
| redhat | linux | 4.0 |
| sun | solaris | 2.6 |
| sgi | irix | 3.3.2 |
| data_general | dg_ux | 5.4_3.0 |
| netbsd | netbsd | 1.3 |
| ibm | aix | 4.1.3 |
| sun | solaris | 2.5.1 |
| isc | bind | 8.1.1 |
| sgi | irix | 5.1 |
| bsdi | bsd_os | 2.1 |
| sgi | irix | 3.3 |
| data_general | dg_ux | 5.4_4.11 |
| netbsd | netbsd | 1.3.1 |
| sgi | irix | 4.0.1 |
| sgi | irix | 4.0.5a |
| redhat | linux | 5.0 |
| data_general | dg_ux | 5.4_3.1 |
Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| nec | asl_ux_4800 | 11 |
| sco | open_desktop | 3.0 |
| ibm | aix | 4.1 |
| sun | sunos | 5.5 |
| ibm | aix | 4.2 |
| sun | sunos | 5.4 |
| data_general | dg_ux | y2k_patchr4.20mu03 |
| isc | bind | 8 |
| nec | asl_ux_4800 | 13 |
| isc | bind | 4.9 |
| redhat | linux | 4.2 |
| sun | sunos | 5.5.1 |
| ibm | aix | 4.3 |
| sun | sunos | 5.3 |
| data_general | dg_ux | y2k_patchr4.11mu05 |
| data_general | dg_ux | y2k_patchr4.20mu01 |
| sco | openserver | 5.0 |
| data_general | dg_ux | y2k_patchr4.20mu02 |
| netbsd | netbsd | 1.3 |
| sun | sunos | 5.6 |
| sco | unix | 3.2v4 |
| sco | unixware | 2.1 |
| netbsd | netbsd | 1.3.1 |
| redhat | linux | 5.0 |
| sco | unixware | 7.0 |
| data_general | dg_ux | y2k_patchr4.12mu03 |
Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,CWE-1067,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| nec | asl_ux_4800 | 11 |
| sco | open_desktop | 3.0 |
| ibm | aix | 4.1 |
| sun | sunos | 5.5 |
| ibm | aix | 4.2 |
| sun | sunos | 5.4 |
| data_general | dg_ux | y2k_patchr4.20mu03 |
| isc | bind | 8 |
| nec | asl_ux_4800 | 13 |
| isc | bind | 4.9 |
| redhat | linux | 4.2 |
| sun | sunos | 5.5.1 |
| ibm | aix | 4.3 |
| sun | sunos | 5.3 |
| data_general | dg_ux | y2k_patchr4.11mu05 |
| data_general | dg_ux | y2k_patchr4.20mu01 |
| sco | openserver | 5.0 |
| data_general | dg_ux | y2k_patchr4.20mu02 |
| netbsd | netbsd | 1.3 |
| sun | sunos | 5.6 |
| sco | unix | 3.2v4 |
| sco | unixware | 2.1 |
| netbsd | netbsd | 1.3.1 |
| redhat | linux | 5.0 |
| sco | unixware | 7.0 |
| data_general | dg_ux | y2k_patchr4.12mu03 |
FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| freebsd | freebsd | 2.0 |
| siemens | reliant_unix | * |
| netbsd | netbsd | 1.2 |
| sco | open_desktop | 3.0 |
| ibm | aix | 4.1 |
| sun | sunos | 5.5 |
| ibm | aix | 4.2 |
| sun | sunos | 5.4 |
| sco | openserver | 5.0.4 |
| freebsd | freebsd | 2.1.7 |
| netbsd | netbsd | 1.1 |
| freebsd | freebsd | 1.0 |
| caldera | openlinux | 1.2 |
| sun | sunos | 4.1.4 |
| sun | sunos | 5.5.1 |
| gnu | inet | 6.01 |
| ibm | aix | 4.3 |
| sun | sunos | 5.3 |
| freebsd | freebsd | 2.1.0 |
| washington_university | wu-ftpd | 2.4 |
| gnu | inet | 6.02 |
| netbsd | netbsd | 1.2.1 |
| freebsd | freebsd | 1.1 |
| gnu | inet | 5.01 |
| netbsd | netbsd | 1.0 |
| sun | sunos | 4.1.3u1 |
| freebsd | freebsd | 1.2 |
| sco | unixware | 2.1 |
| ibm | aix | 3.2 |
Delete or create a file via rpc.statd, due to invalid information.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sgi | irix | 6.1 |
| sun | sunos | 5.3 |
| ibm | aix | 4.1 |
| data_general | dg_ux | 4.11 |
| sun | sunos | 5.5 |
| sco | open_desktop | 3 |
| sco | openserver | 5.0 |
| sco | unixware | 2 |
| sun | sunos | 5.4 |
| nighthawk | powerux | * |
| sco | openserver | 3.0 |
| nighthawk | cx_ux | * |
| ncr | mp-ras | 2.03 |
| ncr | mp-ras | 3.0 |
| sun | sunos | 4.1.4 |
| ibm | aix | 3.2 |
| sun | sunos | 4.1.3 |
| sco | open_desktop | 2 |
Local user gains root privileges via buffer overflow in rdist, via lookup() function.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| freebsd | freebsd | 2.0 |
| sco | openserver | 5.0.2 |
| sco | open_desktop | 3.0 |
| ibm | aix | 4.1 |
| sun | sunos | 5.5 |
| sco | internet_faststart | 1.0 |
| ibm | aix | 4.2 |
| sun | sunos | 5.4 |
| sun | sunos | - |
| sco | openserver | 2.0 |
| sco | tcp_ip | 1.2.0 |
| inet | inet | 6.01 |
| sco | tcp_ip | 1.2.1 |
| sco | open_desktop | 2.0 |
| sun | sunos | 4.1.4 |
| sco | unixware | 2.0 |
| sun | sunos | 5.5.1 |
| sun | sunos | 4.1.3 |
| sun | sunos | 5.3 |
| freebsd | freebsd | 2.1.0 |
| freebsd | freebsd | 2.0.5 |
| bsdi | bsd_os | * |
| inet | inet | 5.01 |
| sco | openserver | 5.0 |
| freebsd | freebsd | 2.2 |
| sun | sunos | 4.1.3u1 |
| sco | unixware | 2.1 |
| ibm | aix | 3.2 |
DNS cache poisoning via BIND, by predictable query IDs.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sun | sunos | 5.3 |
| nec | asl_ux_4800 | 64 |
| sco | open_desktop | 3.0 |
| ibm | aix | 4.1 |
| isc | bind | 8.1 |
| sun | solaris | 2.4 |
| sun | sunos | 5.5 |
| nec | ews-ux_v | 4.2 |
| sco | openserver | 5.0 |
| sun | solaris | 2.6 |
| isc | bind | 4.9.5 |
| ibm | aix | 4.2 |
| nec | up-ux_v | 4.2mp |
| sun | sunos | 5.4 |
| sun | sunos | - |
| sun | solaris | 2.5.1 |
| nec | ews-ux_v | 4.2mp |
| bsdi | bsd_os | 2.1 |
| sun | solaris | 2.5 |
| sco | unix | 3.2v4 |
| sco | unixware | 2.1 |
| sun | sunos | 5.5.1 |
| bsdi | bsd_os | 3.0 |
Command execution in Sun systems via buffer overflow in the at program.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sun | sunos | 5.3 |
| sco | open_desktop | 3.0 |
| sun | sunos | 5.5 |
| sco | openserver | 5.0 |
| sun | sunos | 5.4 |
| sco | openserver | 3.0 |
| sgi | irix | * |
| ncr | mp-ras | 3.0 |
| sco | unixware | 3.2v4 |
| sco | unixware | 2.1 |
| sun | sunos | 5.5.1 |
| ibm | aix | * |
pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| freebsd | freebsd | 6.2 |
| sgi | irix | 5.3 |
| ibm | aix | 4.1 |
| bsdi | bsd_os | * |
| sun | sunos | 5.5 |
| hp | hp-ux | * |
| ibm | aix | 4.2 |
| sun | sunos | 5.4 |
| nec | up-ux_v | * |
| sun | sunos | 4.1 |
| ncr | mp-ras | 2.03 |
| ncr | mp-ras | 3.0 |
| next | nextstep | * |
| sco | openserver | 5 |
| ncr | mp-ras | 3.01 |
| sco | unixware | 2.1 |
| ibm | aix | 3.2 |
Sendmail decode alias can be used to overwrite sensitive files.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0.2 |
| freebsd | freebsd | 2.1.6.1 |
| freebsd | freebsd | 2.1.5 |
| sco | internet_faststart | 1.1 |
| bsdi | bsd_os | * |
| sco | openserver | 5.0 |
| sco | internet_faststart | 1.0 |
| freebsd | freebsd | 2.1.6 |
Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0.2 |
| sco | open_desktop | 3.0 |
| ibm | aix | 4.1 |
| sco | internet_faststart | 1.1 |
| ibm | sng | * |
| sun | sunos | 5.5 |
| sco | openserver | 5.0 |
| sco | internet_faststart | 1.0 |
| ibm | aix | 4.2 |
| sun | sunos | 5.4 |
| ibm | sng | 2.1 |
| ibm | sng | 2.2 |
| digital | osf_1 | 1.3.3 |
| sco | tcp_ip | 1.2.1 |
| linux | linux_kernel | 2.0 |
| ibm | aix | 3.2 |
| sun | sunos | 5.5.1 |
| linux | linux_kernel | 1.3.0 |
Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.10 |
| hp | hp-ux | 10.01 |
| sco | openserver | 5.0.2 |
| ibm | aix | 4.1 |
| sco | internet_faststart | 1.1 |
| sun | solaris | 2.4 |
| sun | sunos | 5.5 |
| eric_allman | sendmail | 8.8 |
| sco | internet_faststart | 1.0 |
| ibm | aix | 4.2 |
| sun | sunos | 5.4 |
| freebsd | freebsd | 2.1.5 |
| eric_allman | sendmail | 8.8.1 |
| sun | solaris | 2.5 |
| hp | hp-ux | 10.00 |
| freebsd | freebsd | 2.1.6 |
| sun | sunos | 4.1.4 |
| sun | sunos | 5.5.1 |
| sun | sunos | 5.3 |
| freebsd | freebsd | 2.1.6.1 |
| sco | openserver | 5.0 |
| hp | hp-ux | 10.20 |
| eric_allman | sendmail | 8.8.3 |
| sun | solaris | 2.5.1 |
| bsdi | bsd_os | 2.1 |
| eric_allman | sendmail | 8.8.2 |
| sun | sunos | 4.1.3u1 |
| hp | hp-ux | 10.16 |
| ibm | aix | 3.2 |
Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.10 |
| hp | hp-ux | 10.01 |
| sco | openserver | 5.0.2 |
| eric_allman | sendmail | 8.7.2 |
| ibm | aix | 4.1 |
| redhat | linux | 3.0.3 |
| eric_allman | sendmail | 8.7.5 |
| sco | openserver | 5.0 |
| sco | internet_faststart | 1.0 |
| ibm | aix | 4.2 |
| eric_allman | sendmail | 8.6 |
| hp | hp-ux | 10.20 |
| eric_allman | sendmail | 8.7.1 |
| eric_allman | sendmail | 8.7.3 |
| bsdi | bsd_os | 2.1 |
| freebsd | freebsd | 2.1.5 |
| eric_allman | sendmail | 8.7.4 |
| digital | osf_1 | 1.3.2 |
| ibm | aix | 3.2 |
Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| microsoft | windows_95 | * |
| sco | openserver | 5.0 |
| microsoft | windows_2000 | * |
| microsoft | windows_nt | * |
Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| freebsd | freebsd | 2.0 |
| ibm | aix | 4.1 |
| sco | internet_faststart | 1.1 |
| freebsd | freebsd | 2.0.5 |
| sco | open_desktop | 3 |
| sco | internet_faststart | 1.0 |
| ibm | aix | 4.2 |
| sun | sunos | * |
| ibm | sng | 2.1 |
| ibm | sng | 2.2 |
| freebsd | freebsd | 1.1 |
| sco | openserver | 5 |
| freebsd | freebsd | 1.0 |
| freebsd | freebsd | 1.1.5.1 |
| freebsd | freebsd | 1.2 |
| ibm | aix | 3.2 |
Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0.2 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr9 |
| sco | openserver | 5.0.3 |
| sco | openserver | 5.0 |
| washington_university | wu-ftpd | 2.4.2_beta18 |
| proftpd_project | proftpd | 1.2_pre1 |
| redhat | linux | 5.1 |
| sco | openserver | 5.0.5 |
| sco | openserver | 5.0.4 |
| caldera | openlinux | 1.3 |
| slackware | slackware_linux | 3.4 |
| sco | unixware | 7.0.1 |
| debian | debian_linux | 2.0 |
| slackware | slackware_linux | 3.5 |
| redhat | linux | 5.0 |
| sco | unixware | 7.0 |
| slackware | slackware_linux | 3.6 |
Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p, including S84rpcinit, S95nis, S85tcp, and S89nfs, are vulnerable to a symlink attack, allowing a local user to gain root access.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5 |
| sco | openserver | 3.0 |
A weak encryption algorithm is used for passwords in SCO TermVision, allowing them to be easily decrypted by a local user.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | * |
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,NVD-CWE-noinfo,CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| microsoft | windows | - |
| cisco | ios | - |
| sco | sco_unix | - |
| ibm | os2 | - |
| apple | macos | - |
| sgi | irix | - |
| ibm | aix | - |
| oracle | solaris | - |
| apple | mac_os_x | - |
| linux | linux_kernel | - |
| novell | netware | - |
| hp | tru64 | - |
| windriver | bsdos | - |
| hp | hp-ux | - |
Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10 |
| hp | hp-ux | 11 |
| sco | unixware | 7 |
| ibm | aix | 4 |
SCO Doctor allows local users to gain root privileges through a Tools option.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0.5 |
| sco | openserver | 5.0.4 |
Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| freebsd | freebsd | 6.2 |
| sco | internet_faststart | * |
| sco | unixware | 7.0.1 |
| redhat | linux | * |
| openbsd | openbsd | 2.4 |
| bsdi | bsd_os | * |
| sco | openserver | * |
| openbsd | openbsd | 2.3 |
| sco | unixware | 7.0 |
The default permissions for UnixWare /var/mail allow local users to read and modify other users' mail.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | 7.0.1 |
| sco | unixware | 7.1 |
| sco | unixware | 7.0 |
UnixWare pkg commands such as pkginfo, pkgcat, and pkgparam allow local users to read arbitrary files via the dacread permission.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | 7.1 |
| sco | unixware | 7.0 |
Buffer overflow in SCO UnixWare Xsco command via a long argument.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | 7.0 |
Denial of service in BIND named via malformed SIG records.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ibm | aix | 4.3 |
| sun | sunos | 5.7 |
| sco | openserver | 5 |
| sco | unixware | 2 |
| sco | unixware | 7 |
UnixWare uidadmin allows local users to modify arbitrary files via a symlink attack.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | 7.0.1 |
| sco | unixware | 7.1 |
| sco | unixware | 7.1.1 |
| sco | unixware | 7.0 |
Buffer overflow in SCO su program allows local users to gain root access via a long username.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | 7.0 |
Denial of service in BIND named via naptr.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ibm | aix | 4.3 |
| sun | sunos | 5.7 |
| sco | openserver | 5 |
| sco | unixware | 2 |
| sco | unixware | 7 |
UnixWare programs that dump core allow a local user to modify files via a symlink attack on the ./core.pid file.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | 7.0.1 |
| sco | unixware | 7.1 |
| sco | unixware | 7.1.1 |
| sco | unixware | 7.0 |
Buffer overflow in UnixWare xauto program allows local users to gain root privilege.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | 7.0.1 |
| sco | unixware | 7.1 |
| sco | unixware | 7.1.1 |
| sco | unixware | 7.0 |
userOsa in SCO OpenServer allows local users to corrupt files via a symlink attack.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0 |
UnixWare dos7utils allows a local user to gain root privileges by using the STATICMERGE environmental variable to find a script which it executes.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | 7.1 |
The SCO UnixWare privileged process system allows local users to gain root privileges by using a debugger such as gdb to insert traps into _init before the privileged process is executed.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | 7.0.1 |
| sco | unixware | 7.1 |
| sco | unixware | 7.1.1 |
| sco | unixware | 7.0 |
UnixWare pkgtrans allows local users to read arbitrary files via a symlink attack.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | 7.0.1 |
| sco | unixware | 7.1 |
| sco | unixware | 7.1.16 |
| sco | unixware | 2.0 |
| sco | unixware | 2.1 |
| sco | unixware | 7.1.1 |
| sco | unixware | 2.0.3 |
| sco | unixware | 7.0 |
Buffer overflow in mscreen on SCO OpenServer 5.0 and SCO UNIX 3.2v4 allows a local user to gain root access via (1) a long TERM environmental variable and (2) a long entry in the .mscreenrc file.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0 |
| sco | unix | 3.2v4 |
SCO UNIX System V/386 Release 3.2, and other SCO products, installs the home directories (1) /tmp for the dos user, and (2) /usr/tmp for the asg user, which allows other users to gain access to those accounts since /tmp and /usr/tmp are world-writable.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unix | system_v386_3.2_operating_system_2.0 |
| sco | open_desktop | 1.0 |
| sco | open_desktop | 3.0 |
| sco | unix | system_v386_3.2_operating_system_4.0 |
| sco | unix | system_v386_3.2_operating_system |
| sco | open_desktop_lite | 3.0 |
| sco | open_desktop | 2.0 |
| sco | unix | system_v386_3.2_operating_system_4.x |
| sco | openserver | 3.0 |
Vulnerability in passwd in SCO UNIX 4.0 and earlier allows attackers to cause a denial of service by preventing users from being able to log into the system.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unix | * |
| sco | open_desktop | 1.1 |
| sco | open_desktop | 2.0 |
Buffer overflow in SCO mscreen allows local users to gain root privileges via a long terminal entry (TERM) in the .mscreenrc file.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | cmw | 3.0 |
| sco | openserver_enterprise_system | 5.0.4p |
| sco | internet_faststart | all_versions |
| sco | open_desktop | 3.0 |
| sco | openserver | 5.0 |
| sco | openserver | 3.0 |
Vulnerability in scoterm in SCO OpenServer 5.0 and SCO Open Desktop/Open Server 3.0 allows local users to gain root privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | open_desktop | 3.0 |
| sco | openserver | 5.0 |
| sco | openserver | 3.0 |
Vulnerability in a certain system call in SCO UnixWare 2.0.x and 2.1.0 allows local users to access arbitrary files and gain root privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | 2.0.x |
| sco | unixware | 2.1.0 |
Vulnerability in a kernel error handling routine in SCO OpenServer 5.0.2 and earlier, and SCO Internet FastStart 1.0, allows local users to gain root privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0 |
| sco | internet_faststart | 1.0 |
| sco | openserver | * |
Unspecified vulnerability in pt_chmod in SCO UNIX 4.2 and earlier allows local users to gain root access.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver_enterprise_system | 3.0 |
| sco | unix | 3.2 |
| sco | open_desktop | 3.0 |
| sco | open_desktop_lite | 3.0 |
| sco | unix | 4.0 |
| sco | unix | * |
| sco | openserver_network_system | 3.0 |
| sco | open_desktop | 2.0 |
| sco | unix | 4.1 |
Vulnerability in prwarn in SCO UNIX 4.2 and earlier allows local users to gain root access.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver_enterprise_system | 3.0 |
| sco | unix | 3.2 |
| sco | open_desktop | 3.0 |
| sco | open_desktop_lite | 3.0 |
| sco | unix | 4.0 |
| sco | unix | * |
| sco | openserver_network_system | 3.0 |
| sco | open_desktop | 2.0 |
| sco | unix | 4.1 |
Vulnerability in login in SCO UNIX 4.2 and earlier allows local users to gain root access.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver_enterprise_system | 3.0 |
| sco | unix | 3.2 |
| sco | open_desktop | 3.0 |
| sco | open_desktop_lite | 3.0 |
| sco | unix | 4.0 |
| sco | unix | * |
| sco | openserver_network_system | 3.0 |
| sco | open_desktop | 2.0 |
| sco | unix | 4.1 |
Vulnerability in "at" program in SCO UNIX 4.2 and earlier allows local users to gain root access.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver_enterprise_system | 3.0 |
| sco | unix | 3.2 |
| sco | open_desktop | 3.0 |
| sco | open_desktop_lite | 3.0 |
| sco | unix | 4.0 |
| sco | unix | * |
| sco | openserver_network_system | 3.0 |
| sco | open_desktop | 2.0 |
| sco | unix | 4.1 |
Vulnerability in (1) rlogin daemon rshd and (2) scheme on SCO UNIX OpenServer 5.0.5 and earlier, and SCO UnixWare 7.0.1 and earlier, allows remote attackers to gain privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | * |
| sco | openserver | 5.0.4 |
| sco | openserver | 5.0.2 |
| sco | openserver | 5.0 |
| sco | openserver | * |
Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5 may allow local users to gain root privileges via a long -f parameter, a different vulnerability than CVE-1999-1570.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0.5 |
| sco | openserver | 5.0.0 |
Buffer overflow in UnixWare rtpm program allows local users to gain privileges via a long environmental variable.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | * |
Buffer overflow in UnixWare i2odialogd daemon allows remote attackers to gain root access via a long username/password authorization string.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | 7.1 |
| windowmaker | wmmon | 1.0b2 |
UnixWare pis and mkpis commands allow local users to gain privileges via a symlink attack.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | 7.1 |
Buffer overflow in UnixWare ppptalk command allows local users to gain privileges via a long prompt argument.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | 7.0.1 |
| sco | unixware | 7.1.0 |
| sco | unixware | 7.0.0 |
Buffer overflow in SCO scohelp program allows remote attackers to execute commands.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | 7.0.1 |
| sco | unixware | 7.1 |
| sco | unixware | 7.0 |
snmpd in SCO OpenServer has an SNMP community string that is writable by default, which allows local attackers to modify the host's configuration.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0.5 |
The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | 7.1 |
| sco | unixware | 7.1.1 |
Buffer overflow in MMDF server allows remote attackers to gain privileges via a long MAIL FROM command to the SMTP daemon.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0.5 |
| sco | openserver | 5.0.4 |
| sco | openserver | 5.0.2 |
| sco | openserver | 5.0 |
Vulnerability in the EELS system in SCO UnixWare 7.1.x allows remote attackers to cause a denial of service.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | 7.1 |
| sco | unixware | 7.1.1 |
Vulnerability in SCO cu program in UnixWare 7.x allows local users to gain privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | 7.0.1 |
| sco | unixware | 7.1 |
| sco | unixware | 7.1.1 |
| sco | unixware | 7.0 |
ARCserve agent in SCO UnixWare 7.x allows local attackers to gain root privileges via a symlink attack.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | 7.1 |
| sco | unixware | 7.1.1 |
Buffer overflow in calserver in SCO OpenServer allows remote attackers to gain root access via a long message.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | * |
Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and earlier allows an attacker to cause a denial of service which prevents access to reserved port numbers below 1024.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | * |
| sco | open_desktop | * |
| sco | openserver | * |
Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3 allow an attacker to gain root privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | * |
| netscape | enterprise_server | 2.0 |
| netscape | fasttrack_server | 2.01 |
| netscape | fasttrack_server | 2.0 |
| netscape | proxy_server | 2.5 |
| sco | unixware | 7.0 |
A vulnerability in the Sendmail configuration file sendmail.cf as installed in SCO UnixWare 7.1.0 and earlier allows an attacker to gain root privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | * |
Vulnerability in the passthru driver in SCO UnixWare 7.1.0 allows an attacker to cause a denial of service.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | * |
Some packaging commands in SCO UnixWare 7.1.0 have insecure privileges, which allows local users to add or remove software packages.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | * |
The search97cgi/vtopic" in the UnixWare 7 scohelphttp webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | 7.0 |
Format string vulnerability in the search97.cgi CGI script in SCO help http server for Unixware 7 allows remote attackers to execute arbitrary commands via format characters in the queryText parameter.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | 7.0 |
Buffer overflow in lpshut in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a long first argument to lpshut.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0.6 |
lpusers as included with SCO OpenServer 5.0 through 5.0.6 allows a local attacker to gain additional privileges via a buffer overflow attack in the '-u' command line parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | * |
recon in SCO OpenServer 5.0 through 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow attack in the first command line argument.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | * |
Buffer overflow in lpforms in SCO OpenServer 5.0-5.0.6 can allow a local attacker to gain additional privileges via a long first argument to the lpforms command.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | * |
lpadmin in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow attack in the first argument to the command.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | * |
deliver program in MMDF 2.43.3b in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow in the first argument to the command.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0.6 |
sendmail 8.9.3, as included with the MMDF 2.43.3b package in SCO OpenServer 5.0.6, can allow a local attacker to gain additional privileges via a buffer overflow in the first argument to the command.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0.6 |
vi as included with SCO OpenServer 5.0 - 5.0.6 allows a local attacker to overwrite arbitrary files via a symlink attack.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0.5 |
| sco | openserver | 5.0.4 |
| sco | openserver | 5.0.2 |
| sco | openserver | 5.0.6 |
| sco | openserver | 5.0.3 |
| sco | openserver | 5.0 |
| sco | openserver | 5.0.1 |
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.24 |
| hp | hp-ux | 10.10 |
| hp | hp-ux | 10.01 |
| sco | openserver | 5.0.2 |
| ibm | aix | 4.3.3 |
| sco | openserver | 5.0.3 |
| sun | solaris | 2.4 |
| sun | sunos | 5.5 |
| hp | hp-ux | 11.0.4 |
| sun | sunos | 5.4 |
| sun | sunos | 5.8 |
| sun | sunos | - |
| hp | hp-ux | 11.11 |
| sco | openserver | 5.0.5 |
| sco | openserver | 5.0.4 |
| sun | sunos | 5.7 |
| sun | solaris | 2.5 |
| sgi | irix | 3.3.1 |
| hp | hp-ux | 10.00 |
| sun | sunos | 5.5.1 |
| ibm | aix | 4.3 |
| sun | sunos | 5.3 |
| ibm | aix | 5.1 |
| sun | sunos | 5.2 |
| sco | openserver | 5.0.6a |
| sgi | irix | 3.3.3 |
| sco | openserver | 5.0 |
| sun | solaris | 2.6 |
| sgi | irix | 3.3.2 |
| hp | hp-ux | 10.20 |
| sun | solaris | 8.0 |
| sco | openserver | 5.0.1 |
| sun | solaris | 2.5.1 |
| sun | sunos | 5.0 |
| ibm | aix | 4.3.1 |
| hp | hp-ux | 11.00 |
| sun | sunos | 5.1 |
| sco | openserver | 5.0.6 |
| sgi | irix | 3.2 |
| sgi | irix | 3.3 |
| sun | solaris | 7.0 |
| ibm | aix | 4.3.2 |
Inetd in OpenServer 5.0.5 allows remote attackers to cause a denial of service (crash) via a port scan, e.g. with nmap -PO.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0.5 |
Multiple buffer overflows in programs used by scoadmin and sysadmsh in SCO OpenServer 5.0.6a and earlier allow local users to gain privileges via a long TERM environment variable to (1) atcronsh, (2) auditsh, (3) authsh, (4) backupsh, (5) lpsh, (6) sysadm.menu, or (7) termsh.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | * |
Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a allows local users to execute arbitrary code as group bin via a long command line argument.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0.5 |
| sco | openserver | 5.0.4 |
| sco | openserver | 5.0.2 |
| sco | openserver | 5.0.6a |
| sco | openserver | 5.0.3 |
| sco | openserver | 5.0 |
| sco | openserver | 5.0.1 |
Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local users to modify critical information such as certain CPU registers and segment descriptors.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0.6 |
The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not properly terminate certain strings with a null, which allows remote attackers to cause a denial of service.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | open_unix | 8.0.0 |
| sco | unixware | 7 |
Format string vulnerability in crontab for SCO OpenServer 5.0.5 and 5.0.6 allows local users to gain privileges via format string specifiers in the file name argument.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0.5 |
| sco | openserver | 5.0.6 |
The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0.5 |
| sco | openserver | 5.0.6a |
| sco | openserver | 5.0.6 |
| sun | sunos | 5.7 |
| caldera | openlinux | 2.4 |
| caldera | openlinux | 2.2 |
| sun | solaris | 9.0 |
| sun | sunos | 5.8 |
| caldera | openlinux | 2.3 |
Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | 7.1.2 |
| sgi | irix | 6.5.17m |
| sgi | irix | 6.5.15 |
| safe.pm | safe.pm | 2.0_7 |
| sgi | irix | 6.5.20f |
| sgi | irix | 6.5.12 |
| sgi | irix | 6.5.8 |
| sgi | irix | 6.5.9 |
| sgi | irix | 6.5.1 |
| sgi | irix | 6.5.19f |
| sun | sunos | 5.8 |
| sgi | irix | 6.5 |
| sgi | irix | 6.5.2 |
| redhat | enterprise_linux | 2.1 |
| sgi | irix | 6.5.20m |
| sun | solaris | 9.0 |
| sgi | irix | 6.5.6 |
| sgi | irix | 6.5.5 |
| sgi | irix | 6.5.7 |
| sgi | irix | 6.5.11 |
| sgi | irix | 6.5.13 |
| sgi | irix | 6.5.10 |
| sgi | irix | 6.5.4 |
| safe.pm | safe.pm | 2.0_6 |
| sgi | irix | 6.5.16 |
| sco | open_unix | 8.0 |
| sgi | irix | 6.5.18f |
| sun | solaris | 8.0 |
| sun | linux | 5.0.7 |
| sgi | irix | 6.5.17f |
| sgi | irix | 6.5.3 |
| sco | unixware | 7.1.3 |
| sgi | irix | 6.5.21m |
| sgi | irix | 6.5.19 |
| sgi | irix | 6.5.18 |
| sgi | irix | 6.5.18m |
| sgi | irix | 6.5.22 |
| sgi | irix | 6.5.14 |
| sgi | irix | 6.5.21f |
| sgi | irix | 6.5.17 |
| redhat | linux_advanced_workstation | 2.1 |
| sgi | irix | 6.5.19m |
Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows remote attackers to execute arbitrary commands via a long parameter to rtable_create (procedure 21).
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | open_unix | 8.0.0 |
| sco | unixware | 7.1.1 |
Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openlinux_workstation | 3.1.1 |
| info-zip | unzip | 5.50 |
| sco | openlinux_server | 3.1.1 |
Unknown vulnerability in display of Merge before 5.3.23a in UnixWare 7.1.x allows local users to gain root privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0.7 |
| sco | openserver | 5.0.6 |
Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| caldera | openserver | 5.0.7 |
| sco | unixware | 7.1.3 |
| caldera | openlinux_server | 3.1.1 |
| caldera | openlinux_workstation | 3.1.1 |
SCO Internet Manager (mana) allows local users to execute arbitrary programs by setting the REMOTE_ADDR environment variable to cause menu.mana to run as if it were called from ncsa_httpd, then modifying the PATH environment variable to point to a malicious "hostname" program.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0.5 |
| sco | openserver | 5.0.7 |
| sco | openserver | 5.0.6 |
The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-502,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0.7 |
| mozilla | mozilla | * |
Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | 7.1.3 |
| sco | open_unix | 8.0 |
| sco | unixware | 7.1.1 |
Certain scripts in OpenServer before 5.0.6 allow local users to overwrite files and conduct other unauthorized activities via a symlink attack on temporary files.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0.5 |
ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| isc | bind | 8.4.1 |
| compaq | tru64 | 4.0f_pk6_bl17 |
| nixu | namesurfer | standard_3.0.1 |
| isc | bind | 8.4 |
| sun | sunos | 5.8 |
| freebsd | freebsd | 4.7 |
| hp | hp-ux | 11.11 |
| ibm | aix | 5.1l |
| compaq | tru64 | 5.1a_pk1_bl1 |
| isc | bind | 8.3.4 |
| isc | bind | 8.2.4 |
| compaq | tru64 | 5.1 |
| isc | bind | 8.2.5 |
| compaq | tru64 | 4.0g_pk3_bl17 |
| sco | unixware | 7.1.1 |
| compaq | tru64 | 5.1a_pk4_bl21 |
| netbsd | netbsd | current |
| compaq | tru64 | 5.1_pk3_bl17 |
| isc | bind | 8.2.7 |
| isc | bind | 8.3.5 |
| compaq | tru64 | 5.1a_pk5_bl23 |
| compaq | tru64 | 5.1b_pk2_bl22 |
| sun | solaris | 8.0 |
| compaq | tru64 | 4.0f |
| netbsd | netbsd | 1.6 |
| freebsd | freebsd | 4.6 |
| nixu | namesurfer | suite_3.0.1 |
| isc | bind | 8.3.2 |
| compaq | tru64 | 4.0f_pk7_bl18 |
| isc | bind | 8.3.3 |
| isc | bind | 8.2.3 |
| compaq | tru64 | 5.1a_pk3_bl3 |
| compaq | tru64 | 5.1a |
| isc | bind | 8.3.1 |
| netbsd | netbsd | 1.6.1 |
| compaq | tru64 | 5.1_pk6_bl20 |
| compaq | tru64 | 5.1b |
| compaq | tru64 | 4.0g_pk4_bl22 |
| freebsd | freebsd | 4.9 |
| compaq | tru64 | 5.1b_pk1_bl1 |
| isc | bind | 8.3.6 |
| sun | sunos | 5.7 |
| compaq | tru64 | 4.0g |
| freebsd | freebsd | 5.0 |
| sun | solaris | 9.0 |
| freebsd | freebsd | 4.6.2 |
| freebsd | freebsd | 4.8 |
| compaq | tru64 | 5.1_pk4_bl18 |
| compaq | tru64 | 5.1a_pk2_bl2 |
| isc | bind | 8.3.0 |
| isc | bind | 8.2.6 |
| hp | hp-ux | 11.00 |
| freebsd | freebsd | 4.4 |
| compaq | tru64 | 5.1_pk5_bl19 |
| freebsd | freebsd | 4.5 |
| compaq | tru64 | 4.0f_pk8_bl22 |
| sun | solaris | 7.0 |
SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to bypass protections for the "as" address space file for a process ID (PID) by obtaining a procfs file descriptor for the file and calling execve() on a setuid or setgid program, which leaves the descriptor open to the user.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | 7.1.3 |
| sco | open_unix | 8.0 |
| sco | unixware | 7.1.1 |
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-476,CWE-476,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lite | speed_technologies_litespeed_web_server | 1.2.2 |
| stonesoft | stonegate_vpn_client | 2.0.7 |
| openssl | openssl | 0.9.7c |
| avaya | vsu | 100_r2.0.1 |
| openssl | openssl | 0.9.6d |
| lite | speed_technologies_litespeed_web_server | 1.0.2 |
| cisco | css_secure_content_accelerator | 1.0 |
| avaya | sg203 | 4.31.29 |
| stonesoft | stonegate | 2.0.6 |
| cisco | call_manager | * |
| lite | speed_technologies_litespeed_web_server | 1.2_rc2 |
| stonesoft | stonebeat_webcluster | 2.0 |
| securecomputing | sidewinder | 5.2 |
| securecomputing | sidewinder | 5.2.0.04 |
| bluecoat | cacheos_ca_sa | 4.1.12 |
| avaya | intuity_audix | * |
| cisco | firewall_services_module | 1.1.3 |
| avaya | sg5 | 4.3 |
| stonesoft | stonegate | 2.2.1 |
| checkpoint | firewall-1 | next_generation_fp1 |
| novell | edirectory | 8.5.27 |
| avaya | s8700 | r2.0.0 |
| novell | edirectory | 8.5 |
| cisco | ios | 12.1(11)e |
| freebsd | freebsd | 5.2.1 |
| symantec | clientless_vpn_gateway_4400 | 5.0 |
| stonesoft | stonegate_vpn_client | 1.7 |
| checkpoint | provider-1 | 4.1 |
| stonesoft | stonegate | 1.7.2 |
| avaya | converged_communications_server | 2.0 |
| checkpoint | firewall-1 | next_generation_fp0 |
| stonesoft | stonebeat_securitycluster | 2.5 |
| vmware | gsx_server | 3.0_build_7592 |
| cisco | pix_firewall_software | 6.2(2) |
| cisco | pix_firewall | 6.2.2_.111 |
| stonesoft | stonegate | 2.1 |
| cisco | pix_firewall_software | 6.1 |
| vmware | gsx_server | 2.5.1 |
| lite | speed_technologies_litespeed_web_server | 1.3.1 |
| openssl | openssl | 0.9.6c |
| dell | bsafe_ssl-j | 3.1 |
| cisco | css11000_content_services_switch | * |
| vmware | gsx_server | 2.0 |
| dell | bsafe_ssl-j | 3.0.1 |
| stonesoft | stonegate | 2.0.8 |
| cisco | ios | 12.1(13)e9 |
| cisco | pix_firewall_software | 6.1(3) |
| cisco | ios | 12.1(11b)e |
| stonesoft | stonegate | 1.6.2 |
| redhat | linux | 8.0 |
| avaya | s8300 | r2.0.1 |
| bluecoat | cacheos_ca_sa | 4.1.10 |
| tarantella | tarantella_enterprise | 3.40 |
| redhat | enterprise_linux_desktop | 3.0 |
| cisco | webns | 6.10 |
| avaya | s8700 | r2.0.1 |
| avaya | sg200 | 4.31.29 |
| bluecoat | proxysg | * |
| securecomputing | sidewinder | 5.2.1.02 |
| openssl | openssl | 0.9.6i |
| avaya | vsu | 5 |
| cisco | css_secure_content_accelerator | 2.0 |
| checkpoint | vpn-1 | next_generation_fp1 |
| cisco | okena_stormwatch | 3.2 |
| stonesoft | stonegate | 2.0.4 |
| stonesoft | stonegate | 2.0.1 |
| hp | hp-ux | 11.11 |
| cisco | webns | 7.1_0.2.06 |
| openssl | openssl | 0.9.6g |
| checkpoint | firewall-1 | 2.0 |
| 4d | webstar | 5.2 |
| cisco | content_services_switch_11500 | * |
| 4d | webstar | 5.2.2 |
| cisco | application_and_content_networking_software | * |
| stonesoft | stonebeat_fullcluster | 3.0 |
| checkpoint | vpn-1 | next_generation_fp2 |
| vmware | gsx_server | 2.0.1_build_2129 |
| cisco | firewall_services_module | 1.1.2 |
| lite | speed_technologies_litespeed_web_server | 1.0.3 |
| checkpoint | firewall-1 | next_generation_fp2 |
| redhat | openssl | 0.9.6-15 |
| cisco | pix_firewall_software | 6.0(2) |
| lite | speed_technologies_litespeed_web_server | 1.1.1 |
| cisco | gss_4490_global_site_selector | * |
| openssl | openssl | 0.9.7a |
| checkpoint | vpn-1 | next_generation_fp0 |
| lite | speed_technologies_litespeed_web_server | 1.2_rc1 |
| sun | crypto_accelerator_4000 | 1.0 |
| lite | speed_technologies_litespeed_web_server | 1.0.1 |
| avaya | vsu | 500 |
| novell | edirectory | 8.6.2 |
| cisco | ios | 12.1(19)e1 |
| hp | hp-ux | 8.05 |
| cisco | firewall_services_module | * |
| avaya | sg203 | 4.4 |
| freebsd | freebsd | 4.8 |
| neoteris | instant_virtual_extranet | 3.0 |
| avaya | intuity_audix | s3400 |
| freebsd | freebsd | 5.2 |
| novell | imanager | 2.0 |
| avaya | sg208 | 4.4 |
| avaya | vsu | 5x |
| hp | hp-ux | 11.00 |
| cisco | pix_firewall_software | 6.2(3.100) |
| stonesoft | stonegate | 1.5.18 |
| lite | speed_technologies_litespeed_web_server | 1.3_rc1 |
| cisco | pix_firewall_software | 6.1(4) |
| stonesoft | stonebeat_fullcluster | 2.5 |
| cisco | pix_firewall_software | 6.1(5) |
| neoteris | instant_virtual_extranet | 3.1 |
| cisco | pix_firewall_software | 6.0(1) |
| cisco | pix_firewall_software | 6.2(3) |
| novell | edirectory | 8.7 |
| securecomputing | sidewinder | 5.2.0.01 |
| cisco | ios | 12.2sy |
| cisco | pix_firewall_software | 6.0(4.101) |
| cisco | threat_response | * |
| openssl | openssl | 0.9.7 |
| cisco | pix_firewall_software | 6.3(3.109) |
| sgi | propack | 2.3 |
| neoteris | instant_virtual_extranet | 3.2 |
| cisco | ciscoworks_common_management_foundation | 2.1 |
| cisco | pix_firewall_software | 6.1(2) |
| cisco | ios | 12.1(11b)e14 |
| cisco | firewall_services_module | 2.1_(0.208) |
| avaya | intuity_audix | 5.1.46 |
| stonesoft | stonegate_vpn_client | 2.0.9 |
| cisco | mds_9000 | * |
| avaya | sg200 | 4.4 |
| openssl | openssl | 0.9.6k |
| openssl | openssl | 0.9.6j |
| cisco | pix_firewall_software | 6.0 |
| 4d | webstar | 5.2.1 |
| cisco | webns | 7.1_0.1.02 |
| avaya | vsu | 10000_r2.0.1 |
| openbsd | openbsd | 3.3 |
| cisco | pix_firewall_software | 6.1(1) |
| cisco | webns | 6.10_b4 |
| hp | wbem | a.02.00.01 |
| lite | speed_technologies_litespeed_web_server | 1.2.1 |
| freebsd | freebsd | 5.1 |
| stonesoft | stonegate | 1.7 |
| cisco | ios | 12.2(14)sy |
| cisco | webns | 7.2_0.0.03 |
| hp | apache-based_web_server | 2.0.43.04 |
| openssl | openssl | 0.9.6e |
| 4d | webstar | 5.2.4 |
| stonesoft | servercluster | 2.5 |
| stonesoft | stonegate | 1.7.1 |
| 4d | webstar | 5.3 |
| cisco | pix_firewall_software | 6.2 |
| cisco | ios | 12.1(11b)e12 |
| hp | wbem | a.01.05.08 |
| lite | speed_technologies_litespeed_web_server | 1.3_rc3 |
| hp | apache-based_web_server | 2.0.43.00 |
| securecomputing | sidewinder | 5.2.1 |
| cisco | pix_firewall_software | 6.2(1) |
| cisco | ios | 12.2za |
| avaya | s8500 | r2.0.0 |
| stonesoft | stonegate | 2.0.7 |
| openssl | openssl | 0.9.6f |
| cisco | pix_firewall_software | 6.3 |
| stonesoft | stonebeat_securitycluster | 2.0 |
| stonesoft | stonegate_vpn_client | 1.7.2 |
| stonesoft | stonegate_vpn_client | 2.0.8 |
| stonesoft | stonebeat_fullcluster | 2.0 |
| hp | hp-ux | 11.23 |
| apple | mac_os_x_server | 10.3.3 |
| stonesoft | stonegate_vpn_client | 2.0 |
| cisco | access_registrar | * |
| novell | edirectory | 8.5.12a |
| lite | speed_technologies_litespeed_web_server | 1.1 |
| redhat | linux | 7.3 |
| cisco | pix_firewall_software | 6.0(3) |
| sco | openserver | 5.0.7 |
| cisco | webns | 7.10_.0.06s |
| securecomputing | sidewinder | 5.2.0.02 |
| redhat | linux | 7.2 |
| avaya | vsu | 5000_r2.0.1 |
| checkpoint | firewall-1 | * |
| hp | aaa_server | * |
| avaya | sg5 | 4.2 |
| novell | imanager | 1.5 |
| stonesoft | stonegate | 2.0.9 |
| 4d | webstar | 5.3.1 |
| stonesoft | stonegate | 2.2 |
| lite | speed_technologies_litespeed_web_server | 1.3_rc2 |
| openssl | openssl | 0.9.6h |
| neoteris | instant_virtual_extranet | 3.3 |
| stonesoft | stonebeat_fullcluster | 1_2.0 |
| apple | mac_os_x | 10.3.3 |
| avaya | vsu | 2000_r2.0.1 |
| stonesoft | stonegate | 1.5.17 |
| cisco | pix_firewall_software | 6.3(1) |
| avaya | s8500 | r2.0.1 |
| avaya | vsu | 7500_r2.0.1 |
| novell | edirectory | 8.0 |
| novell | edirectory | 8.7.1 |
| stonesoft | stonegate | 2.0.5 |
| cisco | gss_4480_global_site_selector | * |
| cisco | webns | 7.10 |
| redhat | openssl | 0.9.7a-2 |
| cisco | ios | 12.2(14)sy1 |
| tarantella | tarantella_enterprise | 3.20 |
| openbsd | openbsd | 3.4 |
| dell | bsafe_ssl-j | 3.0 |
| neoteris | instant_virtual_extranet | 3.3.1 |
| redhat | openssl | 0.9.6b-3 |
| lite | speed_technologies_litespeed_web_server | 1.3 |
| avaya | s8300 | r2.0.0 |
| vmware | gsx_server | 2.5.1_build_5336 |
| stonesoft | stonebeat_fullcluster | 1_3.0 |
| 4d | webstar | 5.2.3 |
| stonesoft | servercluster | 2.5.2 |
| tarantella | tarantella_enterprise | 3.30 |
| securecomputing | sidewinder | 5.2.0.03 |
| freebsd | freebsd | 4.9 |
| checkpoint | vpn-1 | vsx_ng_with_application_intelligence |
| cisco | pix_firewall_software | 6.3(3.102) |
| hp | wbem | a.02.00.00 |
| 4d | webstar | 4.0 |
| cisco | ciscoworks_common_services | 2.2 |
| stonesoft | stonegate | 2.2.4 |
| cisco | secure_content_accelerator | 10000 |
| openssl | openssl | 0.9.7b |
| sgi | propack | 3.0 |
| cisco | pix_firewall_software | 6.3(2) |
| avaya | intuity_audix | s3210 |
| cisco | pix_firewall_software | 6.0(4) |
| sgi | propack | 2.4 |
| sco | openserver | 5.0.6 |
| cisco | firewall_services_module | 1.1_(3.005) |
| redhat | enterprise_linux | 3.0 |
| stonesoft | stonebeat_webcluster | 2.5 |
| avaya | sg5 | 4.4 |
| stonesoft | stonegate | 1.6.3 |
| avaya | sg208 | * |
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lite | speed_technologies_litespeed_web_server | 1.2.2 |
| stonesoft | stonegate_vpn_client | 2.0.7 |
| openssl | openssl | 0.9.7c |
| avaya | vsu | 100_r2.0.1 |
| openssl | openssl | 0.9.6d |
| lite | speed_technologies_litespeed_web_server | 1.0.2 |
| cisco | css_secure_content_accelerator | 1.0 |
| avaya | sg203 | 4.31.29 |
| stonesoft | stonegate | 2.0.6 |
| cisco | call_manager | * |
| lite | speed_technologies_litespeed_web_server | 1.2_rc2 |
| stonesoft | stonebeat_webcluster | 2.0 |
| securecomputing | sidewinder | 5.2 |
| securecomputing | sidewinder | 5.2.0.04 |
| bluecoat | cacheos_ca_sa | 4.1.12 |
| avaya | intuity_audix | * |
| cisco | firewall_services_module | 1.1.3 |
| avaya | sg5 | 4.3 |
| stonesoft | stonegate | 2.2.1 |
| checkpoint | firewall-1 | next_generation_fp1 |
| novell | edirectory | 8.5.27 |
| avaya | s8700 | r2.0.0 |
| novell | edirectory | 8.5 |
| cisco | ios | 12.1(11)e |
| freebsd | freebsd | 5.2.1 |
| symantec | clientless_vpn_gateway_4400 | 5.0 |
| stonesoft | stonegate_vpn_client | 1.7 |
| checkpoint | provider-1 | 4.1 |
| stonesoft | stonegate | 1.7.2 |
| avaya | converged_communications_server | 2.0 |
| checkpoint | firewall-1 | next_generation_fp0 |
| stonesoft | stonebeat_securitycluster | 2.5 |
| vmware | gsx_server | 3.0_build_7592 |
| cisco | pix_firewall_software | 6.2(2) |
| cisco | pix_firewall | 6.2.2_.111 |
| stonesoft | stonegate | 2.1 |
| cisco | pix_firewall_software | 6.1 |
| vmware | gsx_server | 2.5.1 |
| lite | speed_technologies_litespeed_web_server | 1.3.1 |
| openssl | openssl | 0.9.6c |
| dell | bsafe_ssl-j | 3.1 |
| cisco | css11000_content_services_switch | * |
| vmware | gsx_server | 2.0 |
| dell | bsafe_ssl-j | 3.0.1 |
| stonesoft | stonegate | 2.0.8 |
| cisco | ios | 12.1(13)e9 |
| cisco | pix_firewall_software | 6.1(3) |
| cisco | ios | 12.1(11b)e |
| stonesoft | stonegate | 1.6.2 |
| redhat | linux | 8.0 |
| avaya | s8300 | r2.0.1 |
| bluecoat | cacheos_ca_sa | 4.1.10 |
| tarantella | tarantella_enterprise | 3.40 |
| redhat | enterprise_linux_desktop | 3.0 |
| cisco | webns | 6.10 |
| avaya | s8700 | r2.0.1 |
| avaya | sg200 | 4.31.29 |
| bluecoat | proxysg | * |
| securecomputing | sidewinder | 5.2.1.02 |
| openssl | openssl | 0.9.6i |
| avaya | vsu | 5 |
| cisco | css_secure_content_accelerator | 2.0 |
| checkpoint | vpn-1 | next_generation_fp1 |
| cisco | okena_stormwatch | 3.2 |
| stonesoft | stonegate | 2.0.4 |
| stonesoft | stonegate | 2.0.1 |
| hp | hp-ux | 11.11 |
| cisco | webns | 7.1_0.2.06 |
| openssl | openssl | 0.9.6g |
| checkpoint | firewall-1 | 2.0 |
| 4d | webstar | 5.2 |
| cisco | content_services_switch_11500 | * |
| 4d | webstar | 5.2.2 |
| cisco | application_and_content_networking_software | * |
| stonesoft | stonebeat_fullcluster | 3.0 |
| vmware | gsx_server | 2.0.1_build_2129 |
| cisco | firewall_services_module | 1.1.2 |
| lite | speed_technologies_litespeed_web_server | 1.0.3 |
| checkpoint | firewall-1 | next_generation_fp2 |
| redhat | openssl | 0.9.6-15 |
| cisco | pix_firewall_software | 6.0(2) |
| lite | speed_technologies_litespeed_web_server | 1.1.1 |
| cisco | gss_4490_global_site_selector | * |
| openssl | openssl | 0.9.7a |
| checkpoint | vpn-1 | next_generation_fp0 |
| lite | speed_technologies_litespeed_web_server | 1.2_rc1 |
| sun | crypto_accelerator_4000 | 1.0 |
| lite | speed_technologies_litespeed_web_server | 1.0.1 |
| avaya | vsu | 500 |
| novell | edirectory | 8.6.2 |
| cisco | ios | 12.1(19)e1 |
| hp | hp-ux | 8.05 |
| cisco | firewall_services_module | * |
| avaya | sg203 | 4.4 |
| freebsd | freebsd | 4.8 |
| neoteris | instant_virtual_extranet | 3.0 |
| avaya | intuity_audix | s3400 |
| freebsd | freebsd | 5.2 |
| novell | imanager | 2.0 |
| avaya | sg208 | 4.4 |
| avaya | vsu | 5x |
| hp | hp-ux | 11.00 |
| cisco | pix_firewall_software | 6.2(3.100) |
| stonesoft | stonegate | 1.5.18 |
| lite | speed_technologies_litespeed_web_server | 1.3_rc1 |
| cisco | pix_firewall_software | 6.1(4) |
| stonesoft | stonebeat_fullcluster | 2.5 |
| cisco | pix_firewall_software | 6.1(5) |
| neoteris | instant_virtual_extranet | 3.1 |
| cisco | pix_firewall_software | 6.0(1) |
| cisco | pix_firewall_software | 6.2(3) |
| novell | edirectory | 8.7 |
| securecomputing | sidewinder | 5.2.0.01 |
| cisco | ios | 12.2sy |
| cisco | pix_firewall_software | 6.0(4.101) |
| cisco | threat_response | * |
| openssl | openssl | 0.9.7 |
| cisco | pix_firewall_software | 6.3(3.109) |
| sgi | propack | 2.3 |
| neoteris | instant_virtual_extranet | 3.2 |
| cisco | ciscoworks_common_management_foundation | 2.1 |
| cisco | pix_firewall_software | 6.1(2) |
| cisco | ios | 12.1(11b)e14 |
| cisco | firewall_services_module | 2.1_(0.208) |
| avaya | intuity_audix | 5.1.46 |
| stonesoft | stonegate_vpn_client | 2.0.9 |
| cisco | mds_9000 | * |
| avaya | sg200 | 4.4 |
| openssl | openssl | 0.9.6k |
| openssl | openssl | 0.9.6j |
| cisco | pix_firewall_software | 6.0 |
| 4d | webstar | 5.2.1 |
| cisco | webns | 7.1_0.1.02 |
| avaya | vsu | 10000_r2.0.1 |
| openbsd | openbsd | 3.3 |
| cisco | pix_firewall_software | 6.1(1) |
| cisco | webns | 6.10_b4 |
| hp | wbem | a.02.00.01 |
| lite | speed_technologies_litespeed_web_server | 1.2.1 |
| freebsd | freebsd | 5.1 |
| stonesoft | stonegate | 1.7 |
| cisco | ios | 12.2(14)sy |
| cisco | webns | 7.2_0.0.03 |
| hp | apache-based_web_server | 2.0.43.04 |
| openssl | openssl | 0.9.6e |
| 4d | webstar | 5.2.4 |
| stonesoft | servercluster | 2.5 |
| stonesoft | stonegate | 1.7.1 |
| 4d | webstar | 5.3 |
| cisco | pix_firewall_software | 6.2 |
| cisco | ios | 12.1(11b)e12 |
| hp | wbem | a.01.05.08 |
| lite | speed_technologies_litespeed_web_server | 1.3_rc3 |
| hp | apache-based_web_server | 2.0.43.00 |
| securecomputing | sidewinder | 5.2.1 |
| cisco | pix_firewall_software | 6.2(1) |
| cisco | ios | 12.2za |
| avaya | s8500 | r2.0.0 |
| stonesoft | stonegate | 2.0.7 |
| openssl | openssl | 0.9.6f |
| cisco | pix_firewall_software | 6.3 |
| stonesoft | stonebeat_securitycluster | 2.0 |
| stonesoft | stonegate_vpn_client | 1.7.2 |
| stonesoft | stonegate_vpn_client | 2.0.8 |
| stonesoft | stonebeat_fullcluster | 2.0 |
| hp | hp-ux | 11.23 |
| apple | mac_os_x_server | 10.3.3 |
| stonesoft | stonegate_vpn_client | 2.0 |
| cisco | access_registrar | * |
| novell | edirectory | 8.5.12a |
| lite | speed_technologies_litespeed_web_server | 1.1 |
| redhat | linux | 7.3 |
| cisco | pix_firewall_software | 6.0(3) |
| sco | openserver | 5.0.7 |
| cisco | webns | 7.10_.0.06s |
| securecomputing | sidewinder | 5.2.0.02 |
| redhat | linux | 7.2 |
| avaya | vsu | 5000_r2.0.1 |
| checkpoint | firewall-1 | * |
| hp | aaa_server | * |
| checkpoint | vpn-1 | next_generation |
| avaya | sg5 | 4.2 |
| novell | imanager | 1.5 |
| stonesoft | stonegate | 2.0.9 |
| 4d | webstar | 5.3.1 |
| stonesoft | stonegate | 2.2 |
| lite | speed_technologies_litespeed_web_server | 1.3_rc2 |
| openssl | openssl | 0.9.6h |
| neoteris | instant_virtual_extranet | 3.3 |
| stonesoft | stonebeat_fullcluster | 1_2.0 |
| apple | mac_os_x | 10.3.3 |
| avaya | vsu | 2000_r2.0.1 |
| stonesoft | stonegate | 1.5.17 |
| cisco | pix_firewall_software | 6.3(1) |
| avaya | s8500 | r2.0.1 |
| avaya | vsu | 7500_r2.0.1 |
| novell | edirectory | 8.0 |
| novell | edirectory | 8.7.1 |
| stonesoft | stonegate | 2.0.5 |
| cisco | gss_4480_global_site_selector | * |
| cisco | webns | 7.10 |
| redhat | openssl | 0.9.7a-2 |
| cisco | ios | 12.2(14)sy1 |
| tarantella | tarantella_enterprise | 3.20 |
| openbsd | openbsd | 3.4 |
| dell | bsafe_ssl-j | 3.0 |
| neoteris | instant_virtual_extranet | 3.3.1 |
| redhat | openssl | 0.9.6b-3 |
| lite | speed_technologies_litespeed_web_server | 1.3 |
| avaya | s8300 | r2.0.0 |
| vmware | gsx_server | 2.5.1_build_5336 |
| stonesoft | stonebeat_fullcluster | 1_3.0 |
| 4d | webstar | 5.2.3 |
| stonesoft | servercluster | 2.5.2 |
| tarantella | tarantella_enterprise | 3.30 |
| securecomputing | sidewinder | 5.2.0.03 |
| freebsd | freebsd | 4.9 |
| checkpoint | vpn-1 | vsx_ng_with_application_intelligence |
| cisco | pix_firewall_software | 6.3(3.102) |
| hp | wbem | a.02.00.00 |
| 4d | webstar | 4.0 |
| cisco | ciscoworks_common_services | 2.2 |
| stonesoft | stonegate | 2.2.4 |
| cisco | secure_content_accelerator | 10000 |
| openssl | openssl | 0.9.7b |
| sgi | propack | 3.0 |
| cisco | pix_firewall_software | 6.3(2) |
| avaya | intuity_audix | s3210 |
| cisco | pix_firewall_software | 6.0(4) |
| sgi | propack | 2.4 |
| sco | openserver | 5.0.6 |
| cisco | firewall_services_module | 1.1_(3.005) |
| redhat | enterprise_linux | 3.0 |
| stonesoft | stonebeat_webcluster | 2.5 |
| avaya | sg5 | 4.4 |
| stonesoft | stonegate | 1.6.3 |
| avaya | sg208 | * |
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openssl | openssl | 0.9.7c |
| avaya | vsu | 100_r2.0.1 |
| openssl | openssl | 0.9.6d |
| cisco | css_secure_content_accelerator | 1.0 |
| avaya | sg203 | 4.31.29 |
| cisco | call_manager | * |
| stonesoft | stonebeat_webcluster | 2.0 |
| securecomputing | sidewinder | 5.2 |
| securecomputing | sidewinder | 5.2.0.04 |
| bluecoat | cacheos_ca_sa | 4.1.12 |
| avaya | intuity_audix | * |
| cisco | firewall_services_module | 1.1.3 |
| avaya | sg5 | 4.3 |
| checkpoint | firewall-1 | next_generation_fp1 |
| novell | edirectory | 8.5.27 |
| avaya | s8700 | r2.0.0 |
| novell | edirectory | 8.5 |
| cisco | ios | 12.1(11)e |
| freebsd | freebsd | 5.2.1 |
| symantec | clientless_vpn_gateway_4400 | 5.0 |
| checkpoint | provider-1 | 4.1 |
| avaya | converged_communications_server | 2.0 |
| checkpoint | firewall-1 | next_generation_fp0 |
| stonesoft | stonebeat_securitycluster | 2.5 |
| vmware | gsx_server | 3.0_build_7592 |
| cisco | pix_firewall_software | 6.2(2) |
| cisco | pix_firewall | 6.2.2_.111 |
| forcepoint | stonegate | 2.2.4 |
| cisco | pix_firewall_software | 6.1 |
| vmware | gsx_server | 2.5.1 |
| forcepoint | stonegate | 1.5.17 |
| openssl | openssl | 0.9.6c |
| dell | bsafe_ssl-j | 3.1 |
| cisco | css11000_content_services_switch | * |
| vmware | gsx_server | 2.0 |
| dell | bsafe_ssl-j | 3.0.1 |
| cisco | ios | 12.1(13)e9 |
| forcepoint | stonegate | 2.0.7 |
| cisco | pix_firewall_software | 6.1(3) |
| cisco | ios | 12.1(11b)e |
| redhat | linux | 8.0 |
| avaya | s8300 | r2.0.1 |
| forcepoint | stonegate | 1.6.2 |
| bluecoat | cacheos_ca_sa | 4.1.10 |
| tarantella | tarantella_enterprise | 3.40 |
| redhat | enterprise_linux_desktop | 3.0 |
| cisco | webns | 6.10 |
| avaya | s8700 | r2.0.1 |
| avaya | sg200 | 4.31.29 |
| bluecoat | proxysg | * |
| securecomputing | sidewinder | 5.2.1.02 |
| openssl | openssl | 0.9.6i |
| avaya | vsu | 5 |
| cisco | css_secure_content_accelerator | 2.0 |
| checkpoint | vpn-1 | next_generation_fp1 |
| cisco | okena_stormwatch | 3.2 |
| forcepoint | stonegate | 2.0.1 |
| hp | hp-ux | 11.11 |
| cisco | webns | 7.1_0.2.06 |
| openssl | openssl | 0.9.6g |
| checkpoint | firewall-1 | 2.0 |
| 4d | webstar | 5.2 |
| cisco | content_services_switch_11500 | * |
| 4d | webstar | 5.2.2 |
| cisco | application_and_content_networking_software | * |
| stonesoft | stonebeat_fullcluster | 3.0 |
| checkpoint | vpn-1 | next_generation_fp2 |
| vmware | gsx_server | 2.0.1_build_2129 |
| cisco | firewall_services_module | 1.1.2 |
| checkpoint | firewall-1 | next_generation_fp2 |
| redhat | openssl | 0.9.6-15 |
| cisco | pix_firewall_software | 6.0(2) |
| cisco | gss_4490_global_site_selector | * |
| openssl | openssl | 0.9.7a |
| checkpoint | vpn-1 | next_generation_fp0 |
| sun | crypto_accelerator_4000 | 1.0 |
| avaya | vsu | 500 |
| novell | edirectory | 8.6.2 |
| cisco | ios | 12.1(19)e1 |
| hp | hp-ux | 8.05 |
| cisco | firewall_services_module | * |
| avaya | sg203 | 4.4 |
| freebsd | freebsd | 4.8 |
| neoteris | instant_virtual_extranet | 3.0 |
| avaya | intuity_audix | s3400 |
| freebsd | freebsd | 5.2 |
| novell | imanager | 2.0 |
| avaya | sg208 | 4.4 |
| avaya | vsu | 5x |
| hp | hp-ux | 11.00 |
| cisco | pix_firewall_software | 6.2(3.100) |
| cisco | pix_firewall_software | 6.1(4) |
| stonesoft | stonebeat_fullcluster | 2.5 |
| forcepoint | stonegate | 1.7 |
| cisco | pix_firewall_software | 6.1(5) |
| neoteris | instant_virtual_extranet | 3.1 |
| cisco | pix_firewall_software | 6.0(1) |
| forcepoint | stonegate | 2.0.9 |
| cisco | pix_firewall_software | 6.2(3) |
| novell | edirectory | 8.7 |
| securecomputing | sidewinder | 5.2.0.01 |
| cisco | ios | 12.2sy |
| cisco | pix_firewall_software | 6.0(4.101) |
| cisco | threat_response | * |
| openssl | openssl | 0.9.7 |
| cisco | pix_firewall_software | 6.3(3.109) |
| sgi | propack | 2.3 |
| forcepoint | stonegate | 1.7.2 |
| neoteris | instant_virtual_extranet | 3.2 |
| litespeedtech | litespeed_web_server | 1.0.1 |
| cisco | ciscoworks_common_management_foundation | 2.1 |
| cisco | pix_firewall_software | 6.1(2) |
| cisco | ios | 12.1(11b)e14 |
| cisco | firewall_services_module | 2.1_(0.208) |
| avaya | intuity_audix | 5.1.46 |
| forcepoint | stonegate | 1.6.3 |
| cisco | mds_9000 | * |
| avaya | sg200 | 4.4 |
| openssl | openssl | 0.9.6k |
| openssl | openssl | 0.9.6j |
| cisco | pix_firewall_software | 6.0 |
| 4d | webstar | 5.2.1 |
| cisco | webns | 7.1_0.1.02 |
| avaya | vsu | 10000_r2.0.1 |
| openbsd | openbsd | 3.3 |
| forcepoint | stonegate | 2.2.1 |
| cisco | pix_firewall_software | 6.1(1) |
| cisco | webns | 6.10_b4 |
| hp | wbem | a.02.00.01 |
| freebsd | freebsd | 5.1 |
| forcepoint | stonegate | 1.7.1 |
| cisco | ios | 12.2(14)sy |
| cisco | webns | 7.2_0.0.03 |
| hp | apache-based_web_server | 2.0.43.04 |
| openssl | openssl | 0.9.6e |
| 4d | webstar | 5.2.4 |
| stonesoft | servercluster | 2.5 |
| 4d | webstar | 5.3 |
| cisco | pix_firewall_software | 6.2 |
| cisco | ios | 12.1(11b)e12 |
| hp | wbem | a.01.05.08 |
| hp | apache-based_web_server | 2.0.43.00 |
| securecomputing | sidewinder | 5.2.1 |
| cisco | pix_firewall_software | 6.2(1) |
| cisco | ios | 12.2za |
| forcepoint | stonegate | 2.0.8 |
| avaya | s8500 | r2.0.0 |
| openssl | openssl | 0.9.6f |
| cisco | pix_firewall_software | 6.3 |
| stonesoft | stonebeat_securitycluster | 2.0 |
| forcepoint | stonegate | 1.5.18 |
| forcepoint | stonegate | 2.0.6 |
| stonesoft | stonebeat_fullcluster | 2.0 |
| hp | hp-ux | 11.23 |
| apple | mac_os_x_server | 10.3.3 |
| cisco | access_registrar | * |
| novell | edirectory | 8.5.12a |
| redhat | linux | 7.3 |
| cisco | pix_firewall_software | 6.0(3) |
| sco | openserver | 5.0.7 |
| cisco | webns | 7.10_.0.06s |
| securecomputing | sidewinder | 5.2.0.02 |
| redhat | linux | 7.2 |
| avaya | vsu | 5000_r2.0.1 |
| checkpoint | firewall-1 | * |
| hp | aaa_server | * |
| forcepoint | stonegate | 2.0.5 |
| avaya | sg5 | 4.2 |
| novell | imanager | 1.5 |
| 4d | webstar | 5.3.1 |
| openssl | openssl | 0.9.6h |
| neoteris | instant_virtual_extranet | 3.3 |
| stonesoft | stonebeat_fullcluster | 1_2.0 |
| apple | mac_os_x | 10.3.3 |
| avaya | vsu | 2000_r2.0.1 |
| cisco | pix_firewall_software | 6.3(1) |
| avaya | s8500 | r2.0.1 |
| avaya | vsu | 7500_r2.0.1 |
| novell | edirectory | 8.0 |
| novell | edirectory | 8.7.1 |
| forcepoint | stonegate | 2.1 |
| cisco | gss_4480_global_site_selector | * |
| cisco | webns | 7.10 |
| redhat | openssl | 0.9.7a-2 |
| cisco | ios | 12.2(14)sy1 |
| tarantella | tarantella_enterprise | 3.20 |
| openbsd | openbsd | 3.4 |
| dell | bsafe_ssl-j | 3.0 |
| neoteris | instant_virtual_extranet | 3.3.1 |
| redhat | openssl | 0.9.6b-3 |
| forcepoint | stonegate | 2.2 |
| avaya | s8300 | r2.0.0 |
| vmware | gsx_server | 2.5.1_build_5336 |
| stonesoft | stonebeat_fullcluster | 1_3.0 |
| 4d | webstar | 5.2.3 |
| stonesoft | servercluster | 2.5.2 |
| tarantella | tarantella_enterprise | 3.30 |
| securecomputing | sidewinder | 5.2.0.03 |
| forcepoint | stonegate | 2.0.4 |
| freebsd | freebsd | 4.9 |
| checkpoint | vpn-1 | vsx_ng_with_application_intelligence |
| cisco | pix_firewall_software | 6.3(3.102) |
| hp | wbem | a.02.00.00 |
| 4d | webstar | 4.0 |
| cisco | ciscoworks_common_services | 2.2 |
| cisco | secure_content_accelerator | 10000 |
| openssl | openssl | 0.9.7b |
| sgi | propack | 3.0 |
| cisco | pix_firewall_software | 6.3(2) |
| avaya | intuity_audix | s3210 |
| cisco | pix_firewall_software | 6.0(4) |
| sgi | propack | 2.4 |
| sco | openserver | 5.0.6 |
| cisco | firewall_services_module | 1.1_(3.005) |
| redhat | enterprise_linux | 3.0 |
| stonesoft | stonebeat_webcluster | 2.5 |
| avaya | sg5 | 4.4 |
| avaya | sg208 | * |
SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style access control when users log in using scologin, which allows remote attackers to gain unauthorized access to an X session via other X login methods.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0.5 |
| sco | openserver | 5.0.7 |
| sco | openserver | 5.0.6 |
Multiple buffer overflows in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to execute arbitrary code, as demonstrated via the execmail program.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0.7 |
| sco | openserver | 5.0.6a |
| sco | openserver | 5.0.6 |
Multiple unknown vulnerabilities in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to cause a denial of service by triggering a null dereference.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0.7 |
| sco | openserver | 5.0.6a |
| sco | openserver | 5.0.6 |
Multiple unknown vulnerabilities in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to cause a denial of service by triggering a core dump.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0.7 |
| sco | openserver | 5.0.6a |
| sco | openserver | 5.0.6 |
main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| cscope | cscope | 15.1 |
| sco | unixware | 7.1.3 |
| sco | unixware | 7.1.4 |
| cscope | cscope | 15.5 |
| cscope | cscope | 15.4 |
| gentoo | linux | * |
| sco | unixware | 7.1.1 |
| cscope | cscope | 15.3 |
| debian | debian_linux | 3.0 |
| cscope | cscope | 13.0 |
The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, when run from inetd, allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests, which causes inetd to launch a separate process for each request.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0.7 |
| sco | unixware | 7.1.3 |
| sco | openserver | 5.0.6 |
| sco | unixware | 7.1.4 |
| sco | unixware | 7.1.1 |
mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| apache | http_server | 1.3.20 |
| apache | http_server | 1.3.26 |
| ibm | http_server | 1.3.19 |
| apache | http_server | 1.3.7 |
| hp | webproxy | a.02.10 |
| apache | http_server | 1.3.25 |
| apache | http_server | 1.3.29 |
| sun | sunos | 5.8 |
| apache | http_server | 1.3 |
| apache | http_server | 1.3.24 |
| apache | http_server | 1.3.23 |
| apache | http_server | 1.3.22 |
| apache | http_server | 1.3.12 |
| avaya | modular_messaging_message_storage_server | 1.1 |
| sun | solaris | 9.0 |
| hp | virtualvault | 4.5 |
| avaya | communication_manager | 1.3.1 |
| avaya | communication_manager | 2.0 |
| apache | http_server | 1.3.18 |
| hp | virtualvault | 4.6 |
| apache | http_server | 1.3.14 |
| avaya | communication_manager | 2.0.1 |
| avaya | communication_manager | 1.1 |
| openbsd | openbsd | 3.5 |
| hp | virtualvault | 4.7 |
| sun | solaris | 8.0 |
| apache | http_server | 1.3.19 |
| apache | http_server | 1.3.9 |
| apache | http_server | 1.3.4 |
| apache | http_server | 1.3.17 |
| apache | http_server | 1.3.6 |
| apache | http_server | 1.3.11 |
| avaya | mn100 | * |
| avaya | modular_messaging_message_storage_server | 2.0 |
| sco | openserver | 5.0.7 |
| apple | apache_mod_digest_apple | * |
| sco | openserver | 5.0.6 |
| avaya | intuity_audix_lx | * |
| apache | http_server | 1.3.28 |
| avaya | network_routing | * |
| hp | webproxy | a.02.00 |
| openbsd | openbsd | current |
| apache | http_server | 1.3.27 |
| apache | http_server | 1.3.1 |
| openbsd | openbsd | 3.4 |
| apache | http_server | 1.3.3 |
Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the chroot jail and conduct unauthorized activities.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0.7 |
| sco | unixware | 7.1.3 |
| sco | openserver | 5.0.6 |
| sco | unixware | 7.1.4 |
| sco | unixware | 7.1.1 |
Multiple buffer overflows in the enable command for SCO OpenServer 5.0.6 and 5.0.7 allow local users to execute arbitrary code via long command line arguments.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0.7 |
| sco | openserver | 5.0.6 |
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| avaya | interactive_response | 1.3 |
| libtiff | libtiff | 3.5.2 |
| sun | sunos | 5.8 |
| apple | mac_os_x | 10.3.2 |
| conectiva | linux | 10.0 |
| apple | mac_os_x_server | 10.3.9 |
| sco | unixware | 7.1.4 |
| f5 | icontrol_service_manager | 1.3 |
| libtiff | libtiff | 3.5.7 |
| apple | mac_os_x | 10.3.3 |
| avaya | modular_messaging_message_storage_server | 1.1 |
| avaya | call_management_system_server | 11.0 |
| f5 | icontrol_service_manager | 1.3.4 |
| apple | mac_os_x_server | 10.3.4 |
| avaya | integrated_management | * |
| apple | mac_os_x | 10.3.5 |
| apple | mac_os_x_server | 10.3.1 |
| sun | solaris | 8.0 |
| avaya | cvlan | * |
| avaya | call_management_system_server | 13.0 |
| avaya | mn100 | * |
| libtiff | libtiff | 3.5.4 |
| avaya | intuity_audix_lx | * |
| mandrakesoft | mandrake_linux | 10.0 |
| apple | mac_os_x_server | 10.3.7 |
| libtiff | libtiff | 3.6.1 |
| sun | solaris | 10.0 |
| libtiff | libtiff | 3.5.5 |
| libtiff | libtiff | 3.7.0 |
| apple | mac_os_x | 10.3.7 |
| avaya | call_management_system_server | 8.0 |
| avaya | interactive_response | 1.2.1 |
| avaya | interactive_response | * |
| mandrakesoft | mandrake_linux_corporate_server | 3.0 |
| conectiva | linux | 9.0 |
| avaya | call_management_system_server | 12.0 |
| apple | mac_os_x_server | 10.3.6 |
| apple | mac_os_x | 10.3 |
| apple | mac_os_x | 10.3.6 |
| libtiff | libtiff | 3.4 |
| libtiff | libtiff | 3.5.3 |
| sun | sunos | 5.7 |
| apple | mac_os_x | 10.3.8 |
| apple | mac_os_x_server | 10.3.5 |
| apple | mac_os_x | 10.3.1 |
| sun | solaris | 9.0 |
| mandrakesoft | mandrake_linux | 10.1 |
| apple | mac_os_x_server | 10.3.3 |
| apple | mac_os_x | 10.3.9 |
| avaya | call_management_system_server | 9.0 |
| apple | mac_os_x_server | 10.3 |
| sgi | propack | 3.0 |
| libtiff | libtiff | 3.6.0 |
| apple | mac_os_x_server | 10.3.2 |
| libtiff | libtiff | 3.5.1 |
| f5 | icontrol_service_manager | 1.3.6 |
| avaya | modular_messaging_message_storage_server | 2.0 |
| apple | mac_os_x_server | 10.3.8 |
| apple | mac_os_x | 10.3.4 |
| sun | solaris | 7.0 |
| f5 | icontrol_service_manager | 1.3.5 |
| gentoo | linux | * |
Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| freebsd | freebsd | 3.0 |
| redhat | enterprise_linux_desktop | 4.0 |
| sco | unixware | 7.1.3_up |
| freebsd | freebsd | 4.7 |
| freebsd | freebsd | 3.2 |
| redhat | enterprise_linux | 2.1 |
| ubuntu | ubuntu_linux | 5.04 |
| sco | unixware | 7.1.4 |
| freebsd | freebsd | 2.1.6 |
| freebsd | freebsd | 3.3 |
| freebsd | freebsd | 4.3 |
| freebsd | freebsd | 2.1.0 |
| freebsd | freebsd | 2.1.6.1 |
| freebsd | freebsd | 2.2.2 |
| freebsd | freebsd | 4.10 |
| freebsd | freebsd | 4.0 |
| freebsd | freebsd | 5.2.1 |
| sun | solaris | 8.0 |
| ubuntu | ubuntu_linux | 4.1 |
| freebsd | freebsd | 4.1.1 |
| freebsd | freebsd | 4.2 |
| freebsd | freebsd | 5.1 |
| freebsd | freebsd | 4.6 |
| redhat | fedora_core | core_3.0 |
| freebsd | freebsd | 2.2.5 |
| sun | solaris | 10.0 |
| freebsd | freebsd | 3.1 |
| freebsd | freebsd | 2.0 |
| freebsd | freebsd | 2.2.6 |
| freebsd | freebsd | 4.9 |
| freebsd | freebsd | 2.1.5 |
| freebsd | freebsd | 2.1.7.1 |
| freebsd | freebsd | 2.2.4 |
| freebsd | freebsd | 2.2.8 |
| freebsd | freebsd | 5.0 |
| freebsd | freebsd | 4.11 |
| sun | solaris | 9.0 |
| freebsd | freebsd | 4.6.2 |
| freebsd | freebsd | 4.8 |
| freebsd | freebsd | 5.3 |
| freebsd | freebsd | 5.4 |
| redhat | enterprise_linux | 4.0 |
| freebsd | freebsd | 3.5.1 |
| freebsd | freebsd | 3.5 |
| freebsd | freebsd | 5.2 |
| freebsd | freebsd | 2.0.5 |
| redhat | enterprise_linux_desktop | 3.0 |
| freebsd | freebsd | 3.4 |
| freebsd | freebsd | 2.2.3 |
| freebsd | freebsd | 4.1 |
| sco | openserver | 5.0.7 |
| sco | unixware | 7.1.3 |
| freebsd | freebsd | 4.4 |
| freebsd | freebsd | 2.2 |
| freebsd | freebsd | 4.5 |
| redhat | enterprise_linux | 3.0 |
| sun | solaris | 7.0 |
| freebsd | freebsd | 1.1.5.1 |
The X server in SCO UnixWare 7.1.1, 7.1.3, and 7.1.4 does not properly create socket directories in /tmp, which could allow attackers to hijack local sockets.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | 7.1.3 |
| sco | unixware | 7.1.4 |
| sco | unixware | 7.1.1 |
Buffer overflow in (1) termsh, (2) atcronsh, and (3) auditsh in SCO OpenServer 5.0.6 and 5.0.7 might allow local users to execute arbitrary code via a long HOME environment variable.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0.7 |
| sco | openserver | 5.0.6 |
Buffer overflow in nwprint in SCO OpenServer 5.0.7 allows local users to execute arbitrary code via a long command line argument.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0.7 |
| sco | openserver | 5.0.6 |
RPC portmapper (rpcbind) in SCO UnixWare 7.1.1 m5, 7.1.3 mp5, and 7.1.4 mp2 allows remote attackers or local users to cause a denial of service (lack of response) via multiple invalid portmap requests.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | 7.1.4_mp2 |
| sco | unixware | 7.1.3_mp5 |
| sco | unixware | 7.1.1_m5 |
Stack-based buffer overflow in (1) backupsh and (2) authsh in SCO Openserver 5.0.7 allows local users to execute arbitrary code via a long HOME environment variable.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | * |
Stack-based buffer overflow in ppp in SCO Unixware 7.1.3 and 7.1.4, and possibly earlier versions, allows local users to execute arbitrary code via a long argument to the (1) prompt or (2) defprompt command.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | 7.1.3 |
| sco | unixware | 7.1.4 |
Unspecified vulnerability in ptrace in SCO UnixWare 7.1.3 and 7.1.4 allows local users to gain privileges via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | 7.1.3 |
| sco | unixware | 7.1.4 |
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| turbolinux | turbolinux_server | 8.0 |
| turbolinux | turbolinux | fuji |
| suse | suse_linux | 9.2 |
| redhat | fedora_core | core_1.0 |
| redhat | enterprise_linux_desktop | 4.0 |
| slackware | slackware_linux | 9.0 |
| tetex | tetex | 2.0.1 |
| conectiva | linux | 10.0 |
| suse | suse_linux | 9.0 |
| turbolinux | turbolinux_workstation | 8.0 |
| turbolinux | turbolinux | 10 |
| redhat | enterprise_linux | 2.1 |
| ubuntu | ubuntu_linux | 5.04 |
| redhat | fedora_core | core_2.0 |
| tetex | tetex | 1.0.7 |
| kde | kpdf | 3.4.3 |
| redhat | linux | 9.0 |
| kde | koffice | 1.4 |
| mandrakesoft | mandrake_linux_corporate_server | 2.1 |
| mandrakesoft | mandrake_linux | 2006 |
| suse | suse_linux | 9.1 |
| kde | koffice | 1.4.2 |
| turbolinux | turbolinux_appliance_server | 1.0_hosting_edition |
| easy_software_products | cups | 1.1.23_rc1 |
| redhat | fedora_core | core_4.0 |
| kde | kdegraphics | 3.2 |
| suse | suse_linux | 10.0 |
| ubuntu | ubuntu_linux | 4.1 |
| easy_software_products | cups | 1.1.22_rc1 |
| turbolinux | turbolinux_multimedia | * |
| turbolinux | turbolinux_server | 10.0_x86 |
| xpdf | xpdf | 3.0 |
| turbolinux | turbolinux_desktop | 10.0 |
| turbolinux | turbolinux_server | 10.0 |
| debian | debian_linux | 3.1 |
| redhat | fedora_core | core_3.0 |
| easy_software_products | cups | 1.1.23 |
| slackware | slackware_linux | 10.0 |
| redhat | linux_advanced_workstation | 2.1 |
| suse | suse_linux | 9.3 |
| slackware | slackware_linux | 9.1 |
| tetex | tetex | 3.0 |
| mandrakesoft | mandrake_linux_corporate_server | 3.0 |
| tetex | tetex | 2.0 |
| mandrakesoft | mandrake_linux | 10.2 |
| tetex | tetex | 2.0.2 |
| sco | openserver | 6.0 |
| ubuntu | ubuntu_linux | 5.10 |
| turbolinux | turbolinux_appliance_server | 1.0_workgroup_edition |
| slackware | slackware_linux | 10.1 |
| trustix | secure_linux | 2.2 |
| easy_software_products | cups | 1.1.22 |
| redhat | enterprise_linux | 4.0 |
| mandrakesoft | mandrake_linux | 10.1 |
| suse | suse_linux | 1.0 |
| trustix | secure_linux | 3.0 |
| trustix | secure_linux | 2.0 |
| sgi | propack | 3.0 |
| kde | kpdf | 3.2 |
| kde | kdegraphics | 3.4.3 |
| redhat | enterprise_linux_desktop | 3.0 |
| debian | debian_linux | 3.0 |
| redhat | linux | 7.3 |
| libextractor | libextractor | * |
| sco | openserver | 5.0.7 |
| poppler | poppler | 0.4.2 |
| kde | koffice | 1.4.1 |
| redhat | enterprise_linux | 3.0 |
| turbolinux | turbolinux_home | * |
| turbolinux | turbolinux_personal | * |
| slackware | slackware_linux | 10.2 |
| kde | kword | 1.4.2 |
| gentoo | linux | * |
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| turbolinux | turbolinux_server | 8.0 |
| turbolinux | turbolinux | fuji |
| suse | suse_linux | 9.2 |
| redhat | fedora_core | core_1.0 |
| redhat | enterprise_linux_desktop | 4.0 |
| slackware | slackware_linux | 9.0 |
| tetex | tetex | 2.0.1 |
| conectiva | linux | 10.0 |
| suse | suse_linux | 9.0 |
| turbolinux | turbolinux_workstation | 8.0 |
| turbolinux | turbolinux | 10 |
| redhat | enterprise_linux | 2.1 |
| ubuntu | ubuntu_linux | 5.04 |
| redhat | fedora_core | core_2.0 |
| tetex | tetex | 1.0.7 |
| kde | kpdf | 3.4.3 |
| redhat | linux | 9.0 |
| kde | koffice | 1.4 |
| mandrakesoft | mandrake_linux_corporate_server | 2.1 |
| mandrakesoft | mandrake_linux | 2006 |
| suse | suse_linux | 9.1 |
| kde | koffice | 1.4.2 |
| turbolinux | turbolinux_appliance_server | 1.0_hosting_edition |
| easy_software_products | cups | 1.1.23_rc1 |
| redhat | fedora_core | core_4.0 |
| kde | kdegraphics | 3.2 |
| suse | suse_linux | 10.0 |
| ubuntu | ubuntu_linux | 4.1 |
| easy_software_products | cups | 1.1.22_rc1 |
| turbolinux | turbolinux_multimedia | * |
| turbolinux | turbolinux_server | 10.0_x86 |
| xpdf | xpdf | 3.0 |
| turbolinux | turbolinux_desktop | 10.0 |
| turbolinux | turbolinux_server | 10.0 |
| debian | debian_linux | 3.1 |
| redhat | fedora_core | core_3.0 |
| easy_software_products | cups | 1.1.23 |
| slackware | slackware_linux | 10.0 |
| redhat | linux_advanced_workstation | 2.1 |
| suse | suse_linux | 9.3 |
| slackware | slackware_linux | 9.1 |
| tetex | tetex | 3.0 |
| mandrakesoft | mandrake_linux_corporate_server | 3.0 |
| tetex | tetex | 2.0 |
| mandrakesoft | mandrake_linux | 10.2 |
| tetex | tetex | 2.0.2 |
| sco | openserver | 6.0 |
| ubuntu | ubuntu_linux | 5.10 |
| turbolinux | turbolinux_appliance_server | 1.0_workgroup_edition |
| slackware | slackware_linux | 10.1 |
| trustix | secure_linux | 2.2 |
| easy_software_products | cups | 1.1.22 |
| redhat | enterprise_linux | 4.0 |
| mandrakesoft | mandrake_linux | 10.1 |
| suse | suse_linux | 1.0 |
| trustix | secure_linux | 3.0 |
| trustix | secure_linux | 2.0 |
| sgi | propack | 3.0 |
| kde | kpdf | 3.2 |
| kde | kdegraphics | 3.4.3 |
| redhat | enterprise_linux_desktop | 3.0 |
| debian | debian_linux | 3.0 |
| redhat | linux | 7.3 |
| libextractor | libextractor | * |
| sco | openserver | 5.0.7 |
| poppler | poppler | 0.4.2 |
| kde | koffice | 1.4.1 |
| redhat | enterprise_linux | 3.0 |
| turbolinux | turbolinux_home | * |
| turbolinux | turbolinux_personal | * |
| slackware | slackware_linux | 10.2 |
| kde | kword | 1.4.2 |
| gentoo | linux | * |
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| turbolinux | turbolinux_server | 8.0 |
| turbolinux | turbolinux | fuji |
| suse | suse_linux | 9.2 |
| redhat | fedora_core | core_1.0 |
| redhat | enterprise_linux_desktop | 4.0 |
| slackware | slackware_linux | 9.0 |
| tetex | tetex | 2.0.1 |
| conectiva | linux | 10.0 |
| suse | suse_linux | 9.0 |
| turbolinux | turbolinux_workstation | 8.0 |
| turbolinux | turbolinux | 10 |
| redhat | enterprise_linux | 2.1 |
| ubuntu | ubuntu_linux | 5.04 |
| redhat | fedora_core | core_2.0 |
| tetex | tetex | 1.0.7 |
| kde | kpdf | 3.4.3 |
| redhat | linux | 9.0 |
| kde | koffice | 1.4 |
| mandrakesoft | mandrake_linux_corporate_server | 2.1 |
| mandrakesoft | mandrake_linux | 2006 |
| suse | suse_linux | 9.1 |
| kde | koffice | 1.4.2 |
| turbolinux | turbolinux_appliance_server | 1.0_hosting_edition |
| easy_software_products | cups | 1.1.23_rc1 |
| redhat | fedora_core | core_4.0 |
| kde | kdegraphics | 3.2 |
| suse | suse_linux | 10.0 |
| ubuntu | ubuntu_linux | 4.1 |
| easy_software_products | cups | 1.1.22_rc1 |
| turbolinux | turbolinux_multimedia | * |
| turbolinux | turbolinux_server | 10.0_x86 |
| xpdf | xpdf | 3.0 |
| turbolinux | turbolinux_desktop | 10.0 |
| turbolinux | turbolinux_server | 10.0 |
| debian | debian_linux | 3.1 |
| redhat | fedora_core | core_3.0 |
| easy_software_products | cups | 1.1.23 |
| slackware | slackware_linux | 10.0 |
| redhat | linux_advanced_workstation | 2.1 |
| suse | suse_linux | 9.3 |
| slackware | slackware_linux | 9.1 |
| tetex | tetex | 3.0 |
| mandrakesoft | mandrake_linux_corporate_server | 3.0 |
| tetex | tetex | 2.0 |
| mandrakesoft | mandrake_linux | 10.2 |
| tetex | tetex | 2.0.2 |
| sco | openserver | 6.0 |
| ubuntu | ubuntu_linux | 5.10 |
| turbolinux | turbolinux_appliance_server | 1.0_workgroup_edition |
| slackware | slackware_linux | 10.1 |
| trustix | secure_linux | 2.2 |
| easy_software_products | cups | 1.1.22 |
| redhat | enterprise_linux | 4.0 |
| mandrakesoft | mandrake_linux | 10.1 |
| suse | suse_linux | 1.0 |
| trustix | secure_linux | 3.0 |
| trustix | secure_linux | 2.0 |
| sgi | propack | 3.0 |
| kde | kpdf | 3.2 |
| kde | kdegraphics | 3.4.3 |
| redhat | enterprise_linux_desktop | 3.0 |
| debian | debian_linux | 3.0 |
| redhat | linux | 7.3 |
| libextractor | libextractor | * |
| sco | openserver | 5.0.7 |
| poppler | poppler | 0.4.2 |
| kde | koffice | 1.4.1 |
| redhat | enterprise_linux | 3.0 |
| turbolinux | turbolinux_home | * |
| turbolinux | turbolinux_personal | * |
| slackware | slackware_linux | 10.2 |
| kde | kword | 1.4.2 |
| gentoo | linux | * |
Buffer overflow in uidadmin in SCO Unixware 7.1.3 and 7.1.4 allows local users to execute arbitrary code via a -S (scheme) argument that specifies a large file, a different vulnerability than CVE-2001-1063.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | 7.1.3 |
| sco | unixware | 7.1.4 |
Buffer overflow in termsh on SCO OpenServer 5.0.7 allows remote attackers to execute arbitrary code via a long -o command line argument. NOTE: this is probably a different vulnerability than CVE-2005-0351 since it involves a distinct attack vector.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0.5 |
| sco | openserver | 5.0.4 |
| sco | openserver | 5.0.2 |
| sco | openserver | 5.0.7 |
| sco | openserver | 5.0.6a |
| sco | openserver | 5.0.6 |
| sco | openserver | 5.0.3 |
| sco | openserver | 5.0 |
| sco | openserver | 5.0.1 |
The STARTTLS implementation in SCO SCOoffice Server does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | scoofficeserver | * |