CVE-2005-2926 : Stack-based buffer overflow in (1) backupsh and (2) authsh in SCO Openserver 5.0

Stack-based buffer overflow in (1) backupsh and (2) authsh in SCO Openserver 5.0.7 allows local users to execute arbitrary code via a long HOME environment variable.

Published 2005-10-25 16:02:00

Updated 2025-04-03 01:03:51

Source MITRE

View at NVD, CVE.org

Vulnerability category: OverflowExecute code

Products affected by CVE-2005-2926

SCO » Openserver
Versions up to, including, (<=) 5.0.7
cpe:2.3:o:sco:openserver:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2005-2926

EPSS FAQ

0.17%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 35 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2005-2926

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
4.6	MEDIUM	AV:L/AC:L/Au:N/C:P/I:P/A:P	3.9	6.4	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

References for CVE-2005-2926

http://www.idefense.com/application/poi/display?type=vulnerabilities

U.S. | Let There Be Change | Accenture

CVEs referencing this url
http://www.osvdb.org/20154
http://secunia.com/advisories/17274
http://www.securityfocus.com/bid/15160
http://securitytracker.com/id?1015099
http://www.osvdb.org/20153
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.40/SCOSA-2005.40.txt

Patch;Vendor Advisory

Jump to

Vulnerability Details : CVE-2005-2926

Products affected by CVE-2005-2926

Exploit prediction scoring system (EPSS) score for CVE-2005-2926

CVSS scores for CVE-2005-2926

References for CVE-2005-2926