Unixware Sco Unixware

Do you want an email whenever new security vulnerabilities are reported in Sco Unixware?

By the Year

In 2024 there have been 0 vulnerabilities in Sco Unixware . Unixware did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 0 0.00
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Unixware vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Sco Unixware Security Vulnerabilities

SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0

CVE-2003-0937 - December 15, 2003

SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to bypass protections for the "as" address space file for a process ID (PID) by obtaining a procfs file descriptor for the file and calling execve() on a setuid or setgid program, which leaves the descriptor open to the user.

Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way

CVE-2003-0658 - October 20, 2003

Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules.

UnixWare pkgtrans allows local users to read arbitrary files

CVE-1999-0988 - December 04, 1999

UnixWare pkgtrans allows local users to read arbitrary files via a symlink attack.

Buffer overflow in SCO su program

CVE-1999-0845 - November 25, 1999

Buffer overflow in SCO su program allows local users to gain root access via a long username.

Buffer overflow in SCO UnixWare Xsco command

CVE-1999-0830 - November 01, 1999

Buffer overflow in SCO UnixWare Xsco command via a long argument.

UnixWare dos7utils allows a local user to gain root privileges by using the STATICMERGE environmental variable to find a script

CVE-1999-0942 - October 04, 1999

UnixWare dos7utils allows a local user to gain root privileges by using the STATICMERGE environmental variable to find a script which it executes.

Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a

CVE-1999-0368 - February 09, 1999

Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.

FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client

CVE-1999-0017 - December 10, 1997

FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.

DNS cache poisoning

CVE-1999-0024 - August 13, 1997

DNS cache poisoning via BIND, by predictable query IDs.

Command execution in Sun systems

CVE-1999-0033 - June 12, 1997

Command execution in Sun systems via buffer overflow in the at program.

Local user gains root privileges

CVE-1999-0023 - July 24, 1996

Local user gains root privileges via buffer overflow in rdist, via lookup() function.

pcnfsd (aka rpc.pcnfsd)

CVE-1999-0078 - April 18, 1996

pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call.

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Hp Ux or by Sco? Click the Watch button to subscribe.

Sco
Vendor

Sco Unixware
Product

subscribe