Vulnerabilities > CVE-1999-1041 - Unspecified vulnerability in SCO Openserver and Unix

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

sco

exploit available

NVD

Published: 1998-08-27

Updated: 2016-10-18

Summary

Buffer overflow in mscreen on SCO OpenServer 5.0 and SCO UNIX 3.2v4 allows a local user to gain root access via (1) a long TERM environmental variable and (2) a long entry in the .mscreenrc file.

Vulnerable Configurations

Part	Description	Count
OS	Sco SCO Openserver 5.0 SCO Unix 3.2V4	2

Exploit-Db

description	SCO OpenServer 5.0.5 Env Local Stack Overflow Exploit. CVE-1999-1041,CVE-1999-1185. Local exploit for sco platform
id	EDB-ID:261
last seen	2016-01-31
modified	2001-01-26
published	2001-01-26
reporter	K2
source	https://www.exploit-db.com/download/261/
title	SCO OpenServer 5.0.5 Env Local Stack Overflow Exploit

References

ftp://ftp.sco.com/SSE/security_bulletins/SB-98.05a
http://marc.info/?l=bugtraq&m=90686250717719&w=2
http://www.cert.org/vendor_bulletins/VB-98.10.sco.mscreen
http://www.securityfocus.com/archive/1/10420