SCO: Security Vulnerabilities
SCO Internet Manager (mana) allows local users to execute arbitrary programs by setting the REMOTE_ADDR environment variable to cause menu.mana to run as if it were called from ncsa_httpd, then modifying the PATH environment variable to point to a malicious "hostname" program.
CVSS Score: 7.2 | EPSS Score: 0.002 | Published: 2003-10-06
Unknown vulnerability in display of Merge before 5.3.23a in UnixWare 7.1.x allows local users to gain root privileges.
CVSS Score: 7.2 | EPSS Score: 0.001 | Published: 2003-08-27
Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence.
CVSS Score: 2.6 | EPSS Score: 0.107 | Published: 2003-06-16
Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows remote attackers to execute arbitrary commands via a long parameter to rtable_create (procedure 21).
CVSS Score: 7.5 | EPSS Score: 0.025 | Published: 2002-12-31
Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.
CVSS Score: 4.6 | EPSS Score: 0.001 | Published: 2002-12-11
The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.
CVSS Score: 5.0 | EPSS Score: 0.021 | Published: 2002-10-28
Format string vulnerability in crontab for SCO OpenServer 5.0.5 and 5.0.6 allows local users to gain privileges via format string specifiers in the file name argument.
CVSS Score: 7.2 | EPSS Score: 0.001 | Published: 2002-07-26
Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a allows local users to execute arbitrary code as group bin via a long command line argument.
CVSS Score: 4.6 | EPSS Score: 0.001 | Published: 2001-12-31
Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local users to modify critical information such as certain CPU registers and segment descriptors.
CVSS Score: 2.1 | EPSS Score: 0.001 | Published: 2001-12-31
The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not properly terminate certain strings with a null, which allows remote attackers to cause a denial of service.
CVSS Score: 5.0 | EPSS Score: 0.007 | Published: 2001-12-31


Shodan ® - All rights reserved