📦

openserver

Vendor: sco

Actively Exploited 0 CISA KEV List

PoC / Exploits 15 Code Available

Total RCEs 5 Remote Access

Total CVEs 67 Total Indexed

Avg. EPSS 2.97% Exploit Prob.

Latest CVE CVE-2006-0072 Jan 04

Security Vulnerability Index

Page 1 / 7

7.5 CVSS

CVE-2006-0072

RCE Exploit Found

Buffer overflow in termsh on SCO OpenServer 5.0.7 allows remote attackers to execute arbitrary code via a long -o command line argument. NOTE: this is probably a different vulnerability than CVE-2005-0351 since it involves a distinct attack vector.

EPSS: 5.39%

Severity: HIGH

Jan 04, 2006

4.6 CVSS

CVE-2005-2926

RCE

Stack-based buffer overflow in (1) backupsh and (2) authsh in SCO Openserver 5.0.7 allows local users to execute arbitrary code via a long HOME environment variable.

EPSS: 0.17%

Severity: MEDIUM

Oct 25, 2005

4.6 CVSS

CVE-2005-0993

Exploit Found

Buffer overflow in nwprint in SCO OpenServer 5.0.7 allows local users to execute arbitrary code via a long command line argument.

EPSS: 0.23%

Severity: MEDIUM

May 02, 2005

4.6 CVSS

CVE-2005-0351

Buffer overflow in (1) termsh, (2) atcronsh, and (3) auditsh in SCO OpenServer 5.0.6 and 5.0.7 might allow local users to execute arbitrary code via a long HOME environment variable.

EPSS: 0.12%

Severity: MEDIUM

Apr 07, 2005

5.6 CVSS

CVE-2005-0109

Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.

EPSS: 0.14%

Severity: MEDIUM

Mar 05, 2005

7.2 CVSS

CVE-2004-1131

Multiple buffer overflows in the enable command for SCO OpenServer 5.0.6 and 5.0.7 allow local users to execute arbitrary code via long command line arguments.

EPSS: 0.08%

Severity: HIGH

Feb 07, 2005

7.2 CVSS

CVE-2003-1021

The scosession program in OpenServer 5.0.6 and 5.0.7 allows local users to gain privileges via crafted strings on the commandline.

EPSS: 0.40%

Severity: HIGH

Jan 26, 2005

5.0 CVSS

CVE-2004-1039

The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, when run from inetd, allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests, which causes inetd to launch a separate process for each request.

EPSS: 0.76%

Severity: MEDIUM

Jan 11, 2005

7.5 CVSS

CVE-2004-0390

Exploit Found

SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style access control when users log in using scologin, which allows remote attackers to gain unauthorized access to an X session via other X login methods.

EPSS: 3.36%

Severity: HIGH

Dec 31, 2004

2.1 CVSS

CVE-2004-0512

Multiple unknown vulnerabilities in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to cause a denial of service by triggering a core dump.

EPSS: 0.07%

Severity: LOW

Dec 23, 2004

Displaying 10 of 67 Total Entries

1 2 3 4 5 ... 7

Total 7 Sections