CVSS: 3.6EPSS: 0%CPEs: 3EXPL: 1CVE-1999-0825 – SCO Unixware 7.1 - '/var/mail' Permissions
https://notcve.org/view.php?id=CVE-1999-0825
The default permissions for UnixWare /var/mail allow local users to read and modify other users' mail. • https://www.exploit-db.com/exploits/19657 http://www.securityfocus.com/bid/849 •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 1CVE-1999-0866 – SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'xauto' Local Buffer Overflow
https://notcve.org/view.php?id=CVE-1999-0866
Buffer overflow in UnixWare xauto program allows local users to gain root privilege. • https://www.exploit-db.com/exploits/19656 ftp://ftp.sco.com/SSE/security_bulletins/SB-99.24a http://marc.info/?l=bugtraq&m=94530783815434&w=2 http://marc.info/?l=bugtraq&m=94581379905584&w=2 http://marc.info/?l=bugtraq&m=94606167110764&w=2 http://www.securityfocus.com/bid/848 •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 1CVE-1999-0864 – SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'coredump' Symlink
https://notcve.org/view.php?id=CVE-1999-0864
UnixWare programs that dump core allow a local user to modify files via a symlink attack on the ./core.pid file. • https://www.exploit-db.com/exploits/19659 http://marc.info/?l=bugtraq&m=94530783815434&w=2 http://marc.info/?l=bugtraq&m=94581379905584&w=2 http://marc.info/?l=bugtraq&m=94606167110764&w=2 http://www.securityfocus.com/bid/851 http://www.securityfocus.com/templates/archive.pike?list=1&msg=19991203020720.13115.qmail%40nwcst289.netaddress.usa.net •
CVSS: 3.6EPSS: 0%CPEs: 2EXPL: 3CVE-1999-0828 – SCO Unixware 7.1 - 'pkg' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-1999-0828
UnixWare pkg commands such as pkginfo, pkgcat, and pkgparam allow local users to read arbitrary files via the dacread permission. • https://www.exploit-db.com/exploits/19658 https://www.exploit-db.com/exploits/19660 https://www.exploit-db.com/exploits/19661 http://www.securityfocus.com/bid/853 •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-1999-0942
https://notcve.org/view.php?id=CVE-1999-0942
UnixWare dos7utils allows a local user to gain root privileges by using the STATICMERGE environmental variable to find a script which it executes. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0942 •