Sco: Security Vulnerabilities
Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5 may allow local users to gain root privileges via a long -f parameter, a different vulnerability than CVE-1999-1570.
CVSS Score
7.2
EPSS Score
0.001
Published
1999-11-04
Buffer overflow in SCO UnixWare Xsco command via a long argument.
CVSS Score
7.2
EPSS Score
0.005
Published
1999-11-01
userOsa in SCO OpenServer allows local users to corrupt files via a symlink attack.
CVSS Score
2.1
EPSS Score
0.002
Published
1999-10-11
UnixWare dos7utils allows a local user to gain root privileges by using the STATICMERGE environmental variable to find a script which it executes.
CVSS Score
7.2
EPSS Score
0.001
Published
1999-10-04
SCO Doctor allows local users to gain root privileges through a Tools option.
CVSS Score
7.2
EPSS Score
0.001
Published
1999-09-09
Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p, including S84rpcinit, S95nis, S85tcp, and S89nfs, are vulnerable to a symlink attack, allowing a local user to gain root access.
CVSS Score
7.2
EPSS Score
0.001
Published
1999-03-07
A weak encryption algorithm is used for passwords in SCO TermVision, allowing them to be easily decrypted by a local user.
CVSS Score
7.2
EPSS Score
0.0
Published
1999-03-01
Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.
CVSS Score
10.0
EPSS Score
0.483
Published
1999-02-09
Vulnerability in (1) rlogin daemon rshd and (2) scheme on SCO UNIX OpenServer 5.0.5 and earlier, and SCO UnixWare 7.0.1 and earlier, allows remote attackers to gain privileges.
CVSS Score
7.5
EPSS Score
0.007
Published
1999-01-27
Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.
CVSS Score
10.0
EPSS Score
0.005
Published
1998-12-04