Vulnerabilities > SCO

DATE CVE VULNERABILITY TITLE RISK
2004-02-03 CVE-2004-1082 mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.
network
low complexity
apache apple avaya hp ibm openbsd sco sun
7.5
2004-01-14 CVE-2004-1124 CHRoot Breakout vulnerability in SCO UnixWare/OpenServer
Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the chroot jail and conduct unauthorized activities.
local
low complexity
sco
4.6
2003-12-15 CVE-2003-0914 ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value. 4.3
2003-12-01 CVE-2003-0834 Local Buffer Overflow vulnerability in SCO Open Unix and Unixware
Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME.
local
low complexity
sco
7.2
2003-11-17 CVE-2003-0872 Unspecified vulnerability in SCO Openserver 5.0.5
Certain scripts in OpenServer before 5.0.6 allow local users to overwrite files and conduct other unauthorized activities via a symlink attack on temporary files.
local
low complexity
sco
2.1
2003-10-20 CVE-2003-0658 Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules.
network
low complexity
caldera sco
5.0
2003-10-07 CVE-2003-0791 Deserialization of Untrusted Data vulnerability in multiple products
The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed.
network
low complexity
mozilla sco CWE-502
critical
9.8
2003-10-06 CVE-2003-0742 Unspecified vulnerability in SCO Openserver 5.0.5/5.0.6/5.0.7
SCO Internet Manager (mana) allows local users to execute arbitrary programs by setting the REMOTE_ADDR environment variable to cause menu.mana to run as if it were called from ncsa_httpd, then modifying the PATH environment variable to point to a malicious "hostname" program.
local
low complexity
sco
7.2
2003-08-27 CVE-2003-0597 Unspecified vulnerability in SCO Openserver 5.0.6/5.0.7
Unknown vulnerability in display of Merge before 5.3.23a in UnixWare 7.1.x allows local users to gain root privileges.
local
low complexity
sco
7.2
2003-06-16 CVE-2003-0282 Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two .
network
high complexity
info-zip sco
2.6