📦

open_unix

Vendor: sco

Actively Exploited 0 CISA KEV List

PoC / Exploits 1 Code Available

Total RCEs 1 Remote Access

Total CVEs 4 Total Indexed

Avg. EPSS 0.97% Exploit Prob.

Latest CVE CVE-2003-0937 Dec 15

Security Vulnerability Index

Page 1 / 1

4.6 CVSS

CVE-2003-0937

SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to bypass protections for the "as" address space file for a process ID (PID) by obtaining a procfs file descriptor for the file and calling execve() on a setuid or setgid program, which leaves the descriptor open to the user.

EPSS: 0.09%

Severity: MEDIUM

Dec 15, 2003

7.2 CVSS

CVE-2003-0834

Exploit Found

Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME.

EPSS: 0.63%

Severity: HIGH

Dec 01, 2003

7.5 CVSS

CVE-2002-1998

RCE

Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows remote attackers to execute arbitrary commands via a long parameter to rtable_create (procedure 21).

EPSS: 2.52%

Severity: HIGH

Dec 31, 2002

5.0 CVSS

CVE-2001-1579

The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not properly terminate certain strings with a null, which allows remote attackers to cause a denial of service.

EPSS: 0.66%

Severity: MEDIUM

Dec 31, 2001

Displaying 4 of 4 Total Entries

Total 1 Sections