| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook. |
| Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. |
| Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages. |
| Local user gains root privileges via buffer overflow in rdist, via lookup() function. |
| DNS cache poisoning via BIND, by predictable query IDs. |
| pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call. |
| Buffer overflow in SCO UnixWare Xsco command via a long argument. |
| Vulnerability in prwarn in SCO UNIX 4.2 and earlier allows local users to gain root access. |
| Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type. |
| The default permissions for UnixWare /var/mail allow local users to read and modify other users' mail. |
| UnixWare pkg commands such as pkginfo, pkgcat, and pkgparam allow local users to read arbitrary files via the dacread permission. |
| Buffer overflow in SCO su program allows local users to gain root access via a long username. |
| UnixWare programs that dump core allow a local user to modify files via a symlink attack on the ./core.pid file. |
| Buffer overflow in UnixWare xauto program allows local users to gain root privilege. |
| UnixWare dos7utils allows a local user to gain root privileges by using the STATICMERGE environmental variable to find a script which it executes. |
| The SCO UnixWare privileged process system allows local users to gain root privileges by using a debugger such as gdb to insert traps into _init before the privileged process is executed. |
| Vulnerability in a certain system call in SCO UnixWare 2.0.x and 2.1.0 allows local users to access arbitrary files and gain root privileges. |
| Stack-based buffer overflow in ppp in SCO Unixware 7.1.3 and 7.1.4, and possibly earlier versions, allows local users to execute arbitrary code via a long argument to the (1) prompt or (2) defprompt command. |
| The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, when run from inetd, allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests, which causes inetd to launch a separate process for each request. |
| SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to bypass protections for the "as" address space file for a process ID (PID) by obtaining a procfs file descriptor for the file and calling execve() on a setuid or setgid program, which leaves the descriptor open to the user. |
