openserver · threatengine.sh

CVE-2020-25495

all versions

A reflected Cross-site scripting (XSS) vulnerability in Xinuo (formerly SCO) Openserver version 5 and 6 allows remote attackers to

6.1MEDIUM

CVE-2020-25494

all versions

Xinuos (formerly SCO) Openserver v5 and v6 allows attackers to execute arbitrary commands via shell metacharacters in outputform o

9.8CRITICAL

CVE-2006-0072

all versions

Buffer overflow in termsh on SCO OpenServer 5.0.7 allows remote attackers to execute arbitrary code via a long -o command line arg

CVE-2005-3626

all versions

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause

CVE-2005-3625

all versions

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause

CVE-2005-3624

all versions

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and

CVE-2005-2926

<= 5.0.7

Stack-based buffer overflow in (1) backupsh and (2) authsh in SCO Openserver 5.0.7 allows local users to execute arbitrary code vi

CVE-2005-0993

all versions

Buffer overflow in nwprint in SCO OpenServer 5.0.7 allows local users to execute arbitrary code via a long command line argument.

CVE-2005-0351

all versions

Buffer overflow in (1) termsh, (2) atcronsh, and (3) auditsh in SCO OpenServer 5.0.6 and 5.0.7 might allow local users to execute

CVE-2005-0109

all versions

Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, all

5.6MEDIUM

CVE-2004-1131

all versions

Multiple buffer overflows in the enable command for SCO OpenServer 5.0.6 and 5.0.7 allow local users to execute arbitrary code via

CVE-2004-1039

all versions

The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, when run from inetd, allows re

CVE-2004-0390

all versions

SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style access control when users log in using scologin, which allows re

CVE-2004-0512

all versions

Multiple unknown vulnerabilities in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers

CVE-2004-0511

all versions

Multiple unknown vulnerabilities in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers

CVE-2004-0510

all versions

Multiple buffer overflows in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to exec

CVE-2004-0112

all versions

The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the

CVE-2004-0081

all versions

OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of ser

CVE-2004-0079

all versions

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of

7.5HIGH

CVE-2004-0230

all versions

TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service

CVE-2004-1082

all versions

mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which al

CVE-2004-1124

all versions

Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the chroot jail and conduct unaut

CVE-2003-0872

all versions

Certain scripts in OpenServer before 5.0.6 allow local users to overwrite files and conduct other unauthorized activities via a sy

CVE-2003-0658

all versions

Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that

CVE-2003-0791

all versions

The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying

9.8CRITICAL

CVE-2003-0742

all versions

SCO Internet Manager (mana) allows local users to execute arbitrary programs by setting the REMOTE_ADDR environment variable to ca

CVE-2003-0597

all versions

Unknown vulnerability in display of Merge before 5.3.23a in UnixWare 7.1.x allows local users to gain root privileges.

CVE-2002-1199

all versions

The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp,

CVE-2002-0887

all versions

scoadmin for Caldera/SCO OpenServer 5.0.5 and 5.0.6 allows local users to overwrite arbitrary files via a symlink attack on tempor

CVE-2002-0716

all versions

Format string vulnerability in crontab for SCO OpenServer 5.0.5 and 5.0.6 allows local users to gain privileges via format string

CVE-2002-0442

all versions

Buffer overflow in dlvr_audit for Caldera OpenServer 5.0.5 and 5.0.6 allows local users to gain root privileges.

CVE-1999-1570

all versions

Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain root privileges via a long -o parameter.

CVE-2001-1578

all versions

Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local users to modify critical information such as certain CPU re

CVE-2001-1508

all versions

Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a allows local users to execute arbitrary code as group bin via a lon

CVE-2001-0797

all versions

Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a l

CVE-2001-0896

all versions

Inetd in OpenServer 5.0.5 allows remote attackers to cause a denial of service (crash) via a port scan, e.g. with nmap -PO.

CVE-2001-1062

<= 5.0.6a

Buffer overflow in mana in OpenServer 5.0.6a and earlier allows local users to execute arbitrary code.

CVE-2001-0627

all versions

vi as included with SCO OpenServer 5.0 - 5.0.6 allows a local attacker to overwrite arbitrary files via a symlink attack.

CVE-2001-0588

all versions

sendmail 8.9.3, as included with the MMDF 2.43.3b package in SCO OpenServer 5.0.6, can allow a local attacker to gain additional p

CVE-2001-0587

all versions

deliver program in MMDF 2.43.3b in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a buffer over

CVE-2001-0579

<= 5.0.6

lpadmin in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow attack in the first

CVE-2001-0578

<= 5.0.6

Buffer overflow in lpforms in SCO OpenServer 5.0-5.0.6 can allow a local attacker to gain additional privileges via a long first a

CVE-2001-0577

<= 5.0.6

recon in SCO OpenServer 5.0 through 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow attack in

CVE-2001-0576

<= 5.0.6

lpusers as included with SCO OpenServer 5.0 through 5.0.6 allows a local attacker to gain additional privileges via a buffer over

CVE-2001-0575

all versions

Buffer overflow in lpshut in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a long first argume

CVE-2001-1148

<= 5.0.6a

Multiple buffer overflows in programs used by scoadmin and sysadmsh in SCO OpenServer 5.0.6a and earlier allow local users to gain

CVE-2000-0307

<= 5.05

Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and earlier allows an attacker to cause a denial of service whi

CVE-2000-0306

<= 5.04

Buffer overflow in calserver in SCO OpenServer allows remote attackers to gain root access via a long message.

CVE-2000-0158

all versions

Buffer overflow in MMDF server allows remote attackers to gain privileges via a long MAIL FROM command to the SMTP daemon.

CVE-2000-0147

all versions

snmpd in SCO OpenServer has an SNMP community string that is writable by default, which allows local attackers to modify the host'

CVE-1999-0851

all versions

Denial of service in BIND named via naptr.

CVE-1999-0835

all versions

Denial of service in BIND named via malformed SIG records.

CVE-1999-1571

all versions

Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5 may allow local users to gain root privileges via a long -f paramete

CVE-1999-0893

all versions

userOsa in SCO OpenServer allows local users to corrupt files via a symlink attack.

CVE-1999-0697

all versions

SCO Doctor allows local users to gain root privileges through a Tools option.

CVE-1999-0411

all versions

Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p, including S84rpcinit, S95nis, S85tcp, and S89nfs, are vulner

CVE-1999-0476

all versions

A weak encryption algorithm is used for passwords in SCO TermVision, allowing them to be easily decrypted by a local user.

CVE-1999-0368

all versions

Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.

CVE-1999-1450

<= 5.0.5

Vulnerability in (1) rlogin daemon rshd and (2) scheme on SCO UNIX OpenServer 5.0.5 and earlier, and SCO UnixWare 7.0.1 and earlie

CVE-1999-0798

all versions

Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.

CVE-1999-1185

all versions

Buffer overflow in SCO mscreen allows local users to gain root privileges via a long terminal entry (TERM) in the .mscreenrc file.

CVE-1999-1041

all versions

Buffer overflow in mscreen on SCO OpenServer 5.0 and SCO UNIX 3.2v4 allows a local user to gain root access via (1) a long TERM en

CVE-1999-0011

all versions

Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.

5.4MEDIUM

CVE-1999-0010

all versions

Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.

CVE-1999-0017

all versions

FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.

CVE-1999-1209

all versions

Vulnerability in scoterm in SCO OpenServer 5.0 and SCO Open Desktop/Open Server 3.0 allows local users to gain root privileges.

CVE-1999-0024

all versions

DNS cache poisoning via BIND, by predictable query IDs.

CVE-1999-0153

all versions

Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke.

CVE-1999-0033

all versions

Command execution in Sun systems via buffer overflow in the at program.

CVE-1999-0345

all versions

Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems.

CVE-1999-0128

all versions

Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death.

CVE-1999-0096

all versions

Sendmail decode alias can be used to overwrite sensitive files.

CVE-1999-0129

all versions

Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.

CVE-1999-0131

all versions

Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.

CVE-1999-0023

all versions

Local user gains root privileges via buffer overflow in rdist, via lookup() function.

CVE-1999-1253

<= 5.0.2

Vulnerability in a kernel error handling routine in SCO OpenServer 5.0.2 and earlier, and SCO Internet FastStart 1.0, allows local

CVE-1999-0019

all versions

Delete or create a file via rpc.statd, due to invalid information.

CVE-1999-0078

all versions

pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC

CVE-1999-1138

all versions

SCO UNIX System V/386 Release 3.2, and other SCO products, installs the home directories (1) /tmp for the dos user, and (2) /usr/t

sco openserver