CVSS: 9.8EPSS: 5%CPEs: 9EXPL: 4CVE-2006-0072 – SCO OpenServer 5.0.7 - 'termsh' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2006-0072
04 Jan 2006 — Buffer overflow in termsh on SCO OpenServer 5.0.7 allows remote attackers to execute arbitrary code via a long -o command line argument. NOTE: this is probably a different vulnerability than CVE-2005-0351 since it involves a distinct attack vector. • https://www.exploit-db.com/exploits/1402 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2005-2926
https://notcve.org/view.php?id=CVE-2005-2926
25 Oct 2005 — Stack-based buffer overflow in (1) backupsh and (2) authsh in SCO Openserver 5.0.7 allows local users to execute arbitrary code via a long HOME environment variable. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.40/SCOSA-2005.40.txt •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2003-1021
https://notcve.org/view.php?id=CVE-2003-1021
26 Jan 2005 — The scosession program in OpenServer 5.0.6 and 5.0.7 allows local users to gain privileges via crafted strings on the commandline. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.5/SCOSA-2005.5.txt •
CVSS: 9.8EPSS: 3%CPEs: 3EXPL: 1CVE-2004-0390 – SCO OpenServer 5.0.x - StartX Weak XHost Permissions
https://notcve.org/view.php?id=CVE-2004-0390
31 Dec 2004 — SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style access control when users log in using scologin, which allows remote attackers to gain unauthorized access to an X session via other X login methods. • https://www.exploit-db.com/exploits/20851 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2003-0872
https://notcve.org/view.php?id=CVE-2003-0872
25 Oct 2003 — Certain scripts in OpenServer before 5.0.6 allow local users to overwrite files and conduct other unauthorized activities via a symlink attack on temporary files. Ciertos scripts en OpenServer anteriores a 5.0.6 permite a usuarios locales sobreescribir ficheros y conducir otras activades no autorizadas mediante un ataque de enlaces simbólicos sobre ficheros temporales. • ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.27/CSSA-2003-SCO.27.txt •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2003-0742
https://notcve.org/view.php?id=CVE-2003-0742
19 Sep 2003 — SCO Internet Manager (mana) allows local users to execute arbitrary programs by setting the REMOTE_ADDR environment variable to cause menu.mana to run as if it were called from ncsa_httpd, then modifying the PATH environment variable to point to a malicious "hostname" program. SCO Internet Manager (mana) permite a usuarios locales ejecutar programas arbitrarios estableciendo la variable de entorno REMOTE_ADDR de forma que haga que menu.mana se ejecute como si fuera llamado desde ncsa_httpd, y entonces modif... • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2003-0742 •
CVSS: 5.5EPSS: 2%CPEs: 9EXPL: 0CVE-2002-1199
https://notcve.org/view.php?id=CVE-2002-1199
28 Oct 2002 — The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments. El procedimiento getdbm en ypxfrd permite a usuarios locales leer ficheros arbitrarios, y a atacantes remotos leer bases de datos fuera de /var/yp, mediante ataques de atravesamiento de directorios y de enlaces simbólicos en los argumentos de dominio y mapa. • ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.40 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2002-0887 – Caldera OpenServer 5.0.5/5.0.6 - SCOAdmin Symbolic Link
https://notcve.org/view.php?id=CVE-2002-0887
04 Oct 2002 — scoadmin for Caldera/SCO OpenServer 5.0.5 and 5.0.6 allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using log files. • https://www.exploit-db.com/exploits/21489 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2002-0442
https://notcve.org/view.php?id=CVE-2002-0442
26 Jul 2002 — Buffer overflow in dlvr_audit for Caldera OpenServer 5.0.5 and 5.0.6 allows local users to gain root privileges. • ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.8/CSSA-2002-SCO.8.txt •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2002-0716
https://notcve.org/view.php?id=CVE-2002-0716
26 Jul 2002 — Format string vulnerability in crontab for SCO OpenServer 5.0.5 and 5.0.6 allows local users to gain privileges via format string specifiers in the file name argument. • http://marc.info/?l=bugtraq&m=102323070305101&w=2 •