5.0.7

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

sco

exploit available

NVD

Published: 2004-12-31

Updated: 2017-07-11

Summary

SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style access control when users log in using scologin, which allows remote attackers to gain unauthorized access to an X session via other X login methods.

Vulnerable Configurations

Part	Description	Count
OS	Sco SCO Openserver 5.0.5 SCO Openserver 5.0.6 SCO Openserver 5.0.7	3

Exploit-Db

description	SCO OpenServer 5.0.x StartX Weak XHost Permissions Vulnerability. CVE-2004-0390. Local exploit for sco platform
id	EDB-ID:20851
last seen	2016-02-02
modified	2001-05-07
published	2001-05-07
reporter	Richard Johnson
source	https://www.exploit-db.com/download/20851/
title	SCO OpenServer 5.0.x StartX Weak XHost Permissions Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References