SCO : Security Vulnerabilities, CVEs, Published In 2000

Format string vulnerability in the search97.cgi CGI script in SCO help http server for Unixware 7 allows remote attackers to execute arbitrary commands via format characters in the queryText parameter.

The search97cgi/vtopic" in the UnixWare 7 scohelphttp webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack.

ARCserve agent in SCO UnixWare 7.x allows local attackers to gain root privileges via a symlink attack.

Vulnerability in SCO cu program in UnixWare 7.x allows local users to gain privileges.

Vulnerability in the EELS system in SCO UnixWare 7.1.x allows remote attackers to cause a denial of service.

Buffer overflow in MMDF server allows remote attackers to gain privileges via a long MAIL FROM command to the SMTP daemon.

The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack.

snmpd in SCO OpenServer has an SNMP community string that is writable by default, which allows local attackers to modify the host's configuration.

Buffer overflow in SCO scohelp program allows remote attackers to execute commands.

Buffer overflow in UnixWare ppptalk command allows local users to gain privileges via a long prompt argument.

The SCO UnixWare privileged process system allows local users to gain root privileges by using a debugger such as gdb to insert traps into _init before the privileged process is executed.

Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges.