24 results (0.010 seconds)

CVSS: 7.5EPSS: 3%CPEs: 9EXPL: 4

Buffer overflow in termsh on SCO OpenServer 5.0.7 allows remote attackers to execute arbitrary code via a long -o command line argument. NOTE: this is probably a different vulnerability than CVE-2005-0351 since it involves a distinct attack vector. • https://www.exploit-db.com/exploits/1402 http://downloads.securityfocus.com/vulnerabilities/exploits/Openserver_bof.c http://www.securityfocus.com/archive/1/420677 http://www.securityfocus.com/bid/16122 •

CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0

Stack-based buffer overflow in (1) backupsh and (2) authsh in SCO Openserver 5.0.7 allows local users to execute arbitrary code via a long HOME environment variable. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.40/SCOSA-2005.40.txt http://secunia.com/advisories/17274 http://securitytracker.com/id?1015099 http://www.idefense.com/application/poi/display?type=vulnerabilities http://www.osvdb.org/20153 http://www.osvdb.org/20154 http://www.securityfocus.com/bid/15160 •

CVSS: 7.2EPSS: 0%CPEs: 9EXPL: 0

The scosession program in OpenServer 5.0.6 and 5.0.7 allows local users to gain privileges via crafted strings on the commandline. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.5/SCOSA-2005.5.txt http://secunia.com/advisories/14012 http://www.kb.cert.org/vuls/id/972598 http://www.securityfocus.com/bid/12372 https://exchange.xforce.ibmcloud.com/vulnerabilities/19479 •

CVSS: 4.6EPSS: 0%CPEs: 7EXPL: 0

Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a allows local users to execute arbitrary code as group bin via a long command line argument. • ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.38/CSSA-2001-SCO.38.txt http://www.securityfocus.com/bid/2597 https://exchange.xforce.ibmcloud.com/vulnerabilities/6413 •

CVSS: 10.0EPSS: 97%CPEs: 43EXPL: 9

Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin. Desbordamiento de búfer en la entrada a varios sistemas operativos basados en System V, permite a atacantes remotos la ejecución de comandos arbitrarios mediante un gran número de argumentos a través de servicios como telnet y rlogin. • https://www.exploit-db.com/exploits/16928 https://www.exploit-db.com/exploits/346 https://www.exploit-db.com/exploits/716 https://www.exploit-db.com/exploits/57 https://www.exploit-db.com/exploits/9917 https://www.exploit-db.com/exploits/16327 https://www.exploit-db.com/exploits/10036 https://www.exploit-db.com/exploits/21179 ftp://patches.sgi.com/support/free/security/advisories/20011201-01-I ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.40/ •