This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor: Sco
Product: Openserver
Version: 5.0.7
Update: *
Edition: *
Language: *
Software Edition: *
Target Software: *
Target Hardware: *
Other: *
Type: Os
First view: 2001-03-12
Last view: 2006-01-03

CPE Product: cpe:2.3:o:sco:openserver

Related : CVE

Score Date Alert Description
7.5 2006-01-03 CVE-2006-0072

Buffer overflow in termsh on SCO OpenServer 5.0.7 allows remote attackers to execute arbitrary code via a long -o command line argument. NOTE: this is probably a different vulnerability than CVE-2005-0351 since it involves a distinct attack vector.

5 2005-12-31 CVE-2005-3626

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

10 2005-12-31 CVE-2005-3625

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."

5 2005-12-31 CVE-2005-3624

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.

4.6 2005-10-25 CVE-2005-2926

Stack-based buffer overflow in (1) backupsh and (2) authsh in SCO Openserver 5.0.7 allows local users to execute arbitrary code via a long HOME environment variable.

4.6 2005-05-02 CVE-2005-0993

Buffer overflow in nwprint in SCO OpenServer 5.0.7 allows local users to execute arbitrary code via a long command line argument.

4.6 2005-04-07 CVE-2005-0351

Buffer overflow in (1) termsh, (2) atcronsh, and (3) auditsh in SCO OpenServer 5.0.6 and 5.0.7 might allow local users to execute arbitrary code via a long HOME environment variable.

5.6 2005-03-05 CVE-2005-0109

Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.

7.2 2005-02-07 CVE-2004-1131

Multiple buffer overflows in the enable command for SCO OpenServer 5.0.6 and 5.0.7 allow local users to execute arbitrary code via long command line arguments.

5 2005-01-11 CVE-2004-1039

The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, when run from inetd, allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests, which causes inetd to launch a separate process for each request.

7.5 2004-12-31 CVE-2004-0390

SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style access control when users log in using scologin, which allows remote attackers to gain unauthorized access to an X session via other X login methods.

2.1 2004-12-23 CVE-2004-0512

Multiple unknown vulnerabilities in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to cause a denial of service by triggering a core dump.

2.1 2004-12-23 CVE-2004-0511

Multiple unknown vulnerabilities in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to cause a denial of service by triggering a null dereference.

7.2 2004-12-23 CVE-2004-0510

Multiple buffer overflows in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to execute arbitrary code, as demonstrated via the execmail program.

5 2004-11-23 CVE-2004-0112

The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.

5 2004-11-23 CVE-2004-0081

OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.

5 2004-11-23 CVE-2004-0079

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

7.5 2004-02-03 CVE-2004-1082

mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.

4.6 2004-01-14 CVE-2004-1124

Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the chroot jail and conduct unauthorized activities.

7.5 2003-10-07 CVE-2003-0791

The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed.

7.2 2003-10-06 CVE-2003-0742

SCO Internet Manager (mana) allows local users to execute arbitrary programs by setting the REMOTE_ADDR environment variable to cause menu.mana to run as if it were called from ncsa_httpd, then modifying the PATH environment variable to point to a malicious "hostname" program.

7.2 2003-08-27 CVE-2003-0597

Unknown vulnerability in display of Merge before 5.3.23a in UnixWare 7.1.x allows local users to gain root privileges.

5 2001-03-12 CVE-2000-0307

Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and earlier allows an attacker to cause a denial of service which prevents access to reserved port numbers below 1024.

10 2001-03-12 CVE-2000-0306

Buffer overflow in calserver in SCO OpenServer allows remote attackers to gain root access via a long message.

CWE : Common Weakness Enumeration

% id Name
50% (2) CWE-399 Resource Management Errors
25% (1) CWE-189 Numeric Errors
25% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

Open Source Vulnerability Database (OSVDB)

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
id Description
22235 Multiple Products Xpdf/kpdf Crafted FlateDecode Stream NULL Dereference DoS
22234 Multiple Products Xpdf/kpdf Crafted CCITTFaxDecode / DCTDecode Stream DoS
22233 Multiple Products Xpdf/kpdf Stream.cc CCITTFaxStream::CCITTFaxStream Function...
22217 SCO OpenServer termsh -o Parameter Local Overflow
20154 SCO OpenServer authsh Local Overflow
20153 SCO OpenServer backupsh Local Overflow
16440 Multiple Unix Vendor Hyper-Threading (HTT) Arbitrary Thread Process Informati...
15360 SCO OpenServer atcronsh HOME Environment Variable Local Overflow
15359 SCO OpenServer termsh HOME Environment Variable Local Overflow
15358 SCO OpenServer auditsh HOME Environment Variable Local Overflow
15274 SCO OpenServer nwprint Command Line Local Overflow
13618 SCO OpenServer enable Local Overflow
13057 SCO UnixWare Chroot Unspecified Escape
12866 SCO UnixWare mountd Multiple Process Creation DoS
12176 mod_digest_apple for Apache HTTP Server on Mac OS X Authentication Replay
9337 SCO UnixWare Merge display Utility Local Privilege Escalation
8390 Mozilla Browser Script.prototype.freeze/thaw Arbitrary Code Execution
8097 SCO OpenServer MMDF Core Dumps DoS
8096 SCO OpenServer MMDF Null Dereferences DoS
8095 SCO OpenServer MMDF execmail Overflow
7631 SCO Internet Manager REMOTE_ADDR Variable Arbitrary Program Execution
7534 SCO xserver Restricted Port DoS
6078 SCO OpenServer X Display Xauthority Bypass
4318 OpenSSL TLS Infinite Loop DoS
4317 OpenSSL SSL/TLS Handshake Null Pointer DoS

OpenVAS Exploits

id Description
2009-11-17 Name : Mac OS X Version
File : nvt/macosx_version.nasl
2009-05-05 Name : HP-UX Update for Apache HPSBUX01019
File : nvt/gb_hp_ux_HPSBUX01019.nasl
2009-05-05 Name : HP-UX Update for AAA Server HPSBUX01011
File : nvt/gb_hp_ux_HPSBUX01011.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200601-17 (xpdf poppler gpdf libextractor pdfto...
File : nvt/glsa_200601_17.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200601-02 (kdegraphics, kpdf, koffice, kword)
File : nvt/glsa_200601_02.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200403-03 (OpenSSL)
File : nvt/glsa_200403_03.nasl
2008-09-04 Name : FreeBSD Security Advisory (FreeBSD-SA-04:05.openssl.asc)
File : nvt/freebsdsa_openssl1.nasl
2008-09-04 Name : FreeBSD Security Advisory (FreeBSD-SA-05:09.htt.asc)
File : nvt/freebsdsa_htt.nasl
2008-09-04 Name : FreeBSD Ports: openssl, openssl-beta
File : nvt/freebsd_openssl.nasl
2008-01-17 Name : Debian Security Advisory DSA 931-1 (xpdf)
File : nvt/deb_931_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 962-1 (pdftohtml)
File : nvt/deb_962_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 961-1 (pdfkit.framework)
File : nvt/deb_961_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 950-1 (cupsys)
File : nvt/deb_950_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 940-1 (gpdf)
File : nvt/deb_940_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 938-1 (koffice)
File : nvt/deb_938_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 937-1 (tetex-bin)
File : nvt/deb_937_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 936-1 (libextractor)
File : nvt/deb_936_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 932-1 (xpdf)
File : nvt/deb_932_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 465-1 (openssl,openssl094,openssl095)
File : nvt/deb_465_1.nasl
0000-00-00 Name : Slackware Advisory SSA:2004-077-01 OpenSSL security update
File : nvt/esoft_slk_ssa_2004_077_01.nasl
0000-00-00 Name : Slackware Advisory SSA:2006-045-04 kdegraphics
File : nvt/esoft_slk_ssa_2006_045_04.nasl
0000-00-00 Name : Slackware Advisory SSA:2006-045-09 xpdf
File : nvt/esoft_slk_ssa_2006_045_09.nasl

Snort® IPS/IDS

Date Description
2014-01-10 SCO calserver overflow
RuleID : 304-community - Type : SERVER-OTHER - Revision : 12
2014-01-10 SCO calserver overflow
RuleID : 304 - Type : SERVER-OTHER - Revision : 12

Nessus® Vulnerability Scanner

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-09-24 Name: The remote Fedora Core host is missing a security update.
File: fedora_2006-010.nasl - Type: ACT_GATHER_INFO
2012-09-24 Name: The remote Fedora Core host is missing a security update.
File: fedora_2006-011.nasl - Type: ACT_GATHER_INFO
2012-01-04 Name: The remote server is vulnerable to a denial of service attack.
File: openssl_0_9_6m_0_9_7d.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_68233cba777411d889ed0020ed76ef5a.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-932.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-962.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-961.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-950.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-940.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-938.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-937.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-936.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-931.nasl - Type: ACT_GATHER_INFO
2006-07-05 Name: The remote CentOS host is missing a security update.
File: centos_RHSA-2006-0177.nasl - Type: ACT_GATHER_INFO
2006-07-05 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-868.nasl - Type: ACT_GATHER_INFO
2006-07-03 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2006-0163.nasl - Type: ACT_GATHER_INFO
2006-07-03 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2006-0160.nasl - Type: ACT_GATHER_INFO
2006-07-03 Name: The remote CentOS host is missing a security update.
File: centos_RHSA-2005-840.nasl - Type: ACT_GATHER_INFO
2006-07-03 Name: The remote CentOS host is missing a security update.
File: centos_RHSA-2005-830.nasl - Type: ACT_GATHER_INFO
2006-07-03 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-800.nasl - Type: ACT_GATHER_INFO
2006-07-03 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-476.nasl - Type: ACT_GATHER_INFO
2006-02-15 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2006-045-09.nasl - Type: ACT_GATHER_INFO
2006-02-15 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2006-045-04.nasl - Type: ACT_GATHER_INFO
2006-02-01 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200601-17.nasl - Type: ACT_GATHER_INFO
2006-01-21 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-236-2.nasl - Type: ACT_GATHER_INFO