Page 4 of 66 results (0.011 seconds)

CVSS: 4.6EPSS: 0%CPEs: 5EXPL: 0

Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the chroot jail and conduct unauthorized activities. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.22/SCOSA-2005.22.txt ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.2/SCOSA-2005.2.txt http://secunia.com/advisories/13915 http://secunia.com/advisories/15339 http://www.securityfocus.com/bid/12300 https://exchange.xforce.ibmcloud.com/vulnerabilities/18970 •

CVSS: 4.3EPSS: 2%CPEs: 58EXPL: 0

ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value. ISC BIND 8.3.x antes de 8.3.7, y 8.4.x antes de 8.4.3 permite a atacantes remotos envenenar la cache mediante un servidor de nombres malicioso que devuelve respuestas negativas con un valor TTL (time to live) largo. • ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-003.0/CSSA-2004-003.0.txt ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.33/CSSA-2003-SCO.33.txt http://secunia.com/advisories/10542 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57434 http://www.debian.org/security/2004/dsa-409 http://www.kb.cert.org/vuls/id/734644 http://www.trustix.org/errata/misc/2003/TSL-2003-0044-bind.asc.txt https://oval.cisecurity.org/repository& •

CVSS: 4.6EPSS: 0%CPEs: 3EXPL: 0

SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to bypass protections for the "as" address space file for a process ID (PID) by obtaining a procfs file descriptor for the file and calling execve() on a setuid or setgid program, which leaves the descriptor open to the user. SCO UnixWare 7.1.1, 7.1.3, y Open UNIX 8.0.0 permite que usuarios locales se salten protecciones para un PID de proceso obteniendo un descriptor de fichero procfs para el fichero y llamando a execve() en un programa con bits setuid o setgid, lo que deja al descriptor abierto al usuario. • ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.32/CSSA-2003-SCO.32.txt http://marc.info/?l=bugtraq&m=106865297403687&w=2 http://www.texonet.com/advisories/TEXONET-20031024.txt •

CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 2

Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME. Desbordamiento de búfer en la librería libDtHelp de CDE permite a usuarios locales ejecutar código arbitrario mediante una variable de entorno DTHELPUSSEARCHPATH modificada en la característica "Help". • https://www.exploit-db.com/exploits/713 https://www.exploit-db.com/exploits/714 ftp://patches.sgi.com/support/free/security/advisories/20040801-01-P http://archives.neohapsis.com/archives/hp/2003-q4/0047.html http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57414 http://www.idefense.com/application/poi/display?id=134&type=vulnerabilities&flashstatus=false http://www.kb.cert.org/vuls/id/575804 http://www.securityfocus.com/bid/8973 https://oval.cisecurity.org/reposito •

CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0

Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2003-0658 •