CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2003-0872 – CSSA-2003-SCO.27
https://notcve.org/view.php?id=CVE-2003-0872
25 Oct 2003 — Certain scripts in OpenServer before 5.0.6 allow local users to overwrite files and conduct other unauthorized activities via a symlink attack on temporary files. Ciertos scripts en OpenServer anteriores a 5.0.6 permite a usuarios locales sobreescribir ficheros y conducir otras activades no autorizadas mediante un ataque de enlaces simbólicos sobre ficheros temporales. OpenServer 5.0.5 insecurely creates files in /tmp which can lead to a system compromise. • ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.27/CSSA-2003-SCO.27.txt •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0CVE-2003-0791
https://notcve.org/view.php?id=CVE-2003-0791
07 Oct 2003 — The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed. • http://secunia.com/advisories/11103 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2003-0742
https://notcve.org/view.php?id=CVE-2003-0742
19 Sep 2003 — SCO Internet Manager (mana) allows local users to execute arbitrary programs by setting the REMOTE_ADDR environment variable to cause menu.mana to run as if it were called from ncsa_httpd, then modifying the PATH environment variable to point to a malicious "hostname" program. SCO Internet Manager (mana) permite a usuarios locales ejecutar programas arbitrarios estableciendo la variable de entorno REMOTE_ADDR de forma que haga que menu.mana se ejecute como si fuera llamado desde ncsa_httpd, y entonces modif... • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2003-0742 •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2003-0658
https://notcve.org/view.php?id=CVE-2003-0658
03 Sep 2003 — Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2003-0658 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2003-0597
https://notcve.org/view.php?id=CVE-2003-0597
25 Jul 2003 — Unknown vulnerability in display of Merge before 5.3.23a in UnixWare 7.1.x allows local users to gain root privileges. Vulnerabilidad desconocida en la visualización de Merge anteriores a 5.3.23a en UnixWare 7.1x permite a usuarios locales ganar privilegios de root. • http://marc.info/?l=bugtraq&m=105889063714201&w=2 •
CVSS: 5.5EPSS: 2%CPEs: 9EXPL: 0CVE-2002-1199
https://notcve.org/view.php?id=CVE-2002-1199
28 Oct 2002 — The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments. El procedimiento getdbm en ypxfrd permite a usuarios locales leer ficheros arbitrarios, y a atacantes remotos leer bases de datos fuera de /var/yp, mediante ataques de atravesamiento de directorios y de enlaces simbólicos en los argumentos de dominio y mapa. • ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.40 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2002-0716
https://notcve.org/view.php?id=CVE-2002-0716
26 Jul 2002 — Format string vulnerability in crontab for SCO OpenServer 5.0.5 and 5.0.6 allows local users to gain privileges via format string specifiers in the file name argument. • http://marc.info/?l=bugtraq&m=102323070305101&w=2 •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2001-1578
https://notcve.org/view.php?id=CVE-2001-1578
31 Dec 2001 — Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local users to modify critical information such as certain CPU registers and segment descriptors. • http://archives.neohapsis.com/archives/linux/caldera/2001-q4/0014.html •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2001-1508
https://notcve.org/view.php?id=CVE-2001-1508
31 Dec 2001 — Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a allows local users to execute arbitrary code as group bin via a long command line argument. • ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.38/CSSA-2001-SCO.38.txt •
CVSS: 10.0EPSS: 88%CPEs: 43EXPL: 12CVE-2001-0797 – Solaris in.telnetd TTYPROMPT Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0797
12 Dec 2001 — Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin. Desbordamiento de búfer en la entrada a varios sistemas operativos basados en System V, permite a atacantes remotos la ejecución de comandos arbitrarios mediante un gran número de argumentos a través de servicios como telnet y rlogin. • https://packetstorm.news/files/id/35500 •