CVSS: 4.6EPSS: 0%CPEs: 5EXPL: 0CVE-2004-1124
https://notcve.org/view.php?id=CVE-2004-1124
Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the chroot jail and conduct unauthorized activities. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.22/SCOSA-2005.22.txt ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.2/SCOSA-2005.2.txt http://secunia.com/advisories/13915 http://secunia.com/advisories/15339 http://www.securityfocus.com/bid/12300 https://exchange.xforce.ibmcloud.com/vulnerabilities/18970 •
CVSS: 4.6EPSS: 0%CPEs: 3EXPL: 0CVE-2003-0937
https://notcve.org/view.php?id=CVE-2003-0937
SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to bypass protections for the "as" address space file for a process ID (PID) by obtaining a procfs file descriptor for the file and calling execve() on a setuid or setgid program, which leaves the descriptor open to the user. SCO UnixWare 7.1.1, 7.1.3, y Open UNIX 8.0.0 permite que usuarios locales se salten protecciones para un PID de proceso obteniendo un descriptor de fichero procfs para el fichero y llamando a execve() en un programa con bits setuid o setgid, lo que deja al descriptor abierto al usuario. • ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.32/CSSA-2003-SCO.32.txt http://marc.info/?l=bugtraq&m=106865297403687&w=2 http://www.texonet.com/advisories/TEXONET-20031024.txt •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 2CVE-2003-0834 – Solaris 7/8/9 CDE LibDTHelp - Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2003-0834
Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME. Desbordamiento de búfer en la librería libDtHelp de CDE permite a usuarios locales ejecutar código arbitrario mediante una variable de entorno DTHELPUSSEARCHPATH modificada en la característica "Help". • https://www.exploit-db.com/exploits/713 https://www.exploit-db.com/exploits/714 ftp://patches.sgi.com/support/free/security/advisories/20040801-01-P http://archives.neohapsis.com/archives/hp/2003-q4/0047.html http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57414 http://www.idefense.com/application/poi/display?id=134&type=vulnerabilities&flashstatus=false http://www.kb.cert.org/vuls/id/575804 http://www.securityfocus.com/bid/8973 https://oval.cisecurity.org/reposito •
CVSS: 4.6EPSS: 0%CPEs: 48EXPL: 0CVE-2002-1323
https://notcve.org/view.php?id=CVE-2002-1323
Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls. Safe.pm 2.0.7 y anteriores, si se usan con Perl 5.8.0 y anteriores, pueden permitir a atacantes escapar de compartimientos seguros en Safe::reval o Safe::rdo usando una variable @_ redefinida, que no es reestablecida entre llamadas sucesivas. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2004-007.0.txt ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.1/SCOSA-2004.1.txt ftp://patches.sgi.com/support/free/security/advisories/20030606-01-A http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0061.html http://bugs6.perl.org/rt2/Ticket/Display.html?id=17744 http://marc.info/?l=bugtraq&m=104005919814869&w=2 http://marc.info/?l=bugtraq&m=104033126305252&w=2 http://marc.info/?l=bugtraq&m=10404 •
CVSS: 7.5EPSS: 0%CPEs: 46EXPL: 0CVE-2002-0677
https://notcve.org/view.php?id=CVE-2002-0677
CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure. El sevidor de bases de datos CDE ToolTalk (ttdbserver) permite a atacantes remotos sobrescribir posiciones arbitrarias de memoria con ceros, y posiblemente ganar privilegios, mediante un arguemnte de descriptor de fichero en una llamada al procedimiento AUTH_UNIX, que es usado como índice de tabla en el procedimiento _TT_ISCLOSE. • ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt ftp://patches.sgi.com/support/free/security/advisories/20021102-02-P http://marc.info/?l=bugtraq&m=102635906423617&w=2 http://www.cert.org/advisories/CA-2002-20.html http://www.kb.cert.org/vuls/id/975403 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1099 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15 https:/&#x •