Openserver

DATE	CVE	VULNERABILITY TITLE	RISK
2005-01-11	CVE-2004-1039	Denial of Service vulnerability in SCO UnixWare NFS Mountd The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, when run from inetd, allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests, which causes inetd to launch a separate process for each request. network low complexity sco	5.0
2004-12-31	CVE-2004-0390	Unspecified vulnerability in SCO Openserver 5.0.5/5.0.6/5.0.7 SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style access control when users log in using scologin, which allows remote attackers to gain unauthorized access to an X session via other X login methods. network low complexity sco	7.5
2004-12-23	CVE-2004-0512	Multiple vulnerability in SCO Multi-channel Memorandum Distribution Facility Multiple unknown vulnerabilities in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to cause a denial of service by triggering a core dump. local low complexity sco	2.1
2004-12-23	CVE-2004-0511	Multiple vulnerability in SCO Multi-channel Memorandum Distribution Facility Multiple unknown vulnerabilities in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to cause a denial of service by triggering a null dereference. local low complexity sco	2.1
2004-11-23	CVE-2004-0081	OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. network low complexity cisco symantec hp avaya freebsd openbsd redhat sco apple 4d checkpoint lite neoteris novell openssl sgi stonesoft vmware bluecoat securecomputing dell tarantella sun	5.0
2004-11-23	CVE-2004-0079	NULL Pointer Dereference vulnerability in multiple products The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. network low complexity cisco symantec hp avaya redhat freebsd openbsd apple sco 4d checkpoint dell lite neoteris novell openssl sgi stonesoft tarantella vmware bluecoat securecomputing sun CWE-476	7.5
2004-02-03	CVE-2004-1082	mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials. network low complexity apache apple avaya hp ibm openbsd sco sun	7.5
2004-01-14	CVE-2004-1124	CHRoot Breakout vulnerability in SCO UnixWare/OpenServer Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the chroot jail and conduct unauthorized activities. local low complexity sco	4.6
2003-11-17	CVE-2003-0872	Unspecified vulnerability in SCO Openserver 5.0.5 Certain scripts in OpenServer before 5.0.6 allow local users to overwrite files and conduct other unauthorized activities via a symlink attack on temporary files. local low complexity sco	2.1
2003-10-07	CVE-2003-0791	Deserialization of Untrusted Data vulnerability in multiple products The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed. network low complexity mozilla sco CWE-502 critical	9.8