Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Openserver
(Sco)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 72 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2005-10-25 | CVE-2005-2926 | Stack-based buffer overflow in (1) backupsh and (2) authsh in SCO Openserver 5.0.7 allows local users to execute arbitrary code via a long HOME environment variable. | Openserver | N/A | ||
| 2006-01-03 | CVE-2006-0072 | Buffer overflow in termsh on SCO OpenServer 5.0.7 allows remote attackers to execute arbitrary code via a long -o command line argument. NOTE: this is probably a different vulnerability than CVE-2005-0351 since it involves a distinct attack vector. | Openserver | N/A | ||
| 2005-12-31 | CVE-2005-3626 | Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. | Linux, Debian_linux, Cups, Linux, Kdegraphics, Koffice, Kpdf, Kword, Libextractor, Mandrake_linux, Mandrake_linux_corporate_server, Poppler, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux, Linux_advanced_workstation, Openserver, Propack, Slackware_linux, Suse_linux, Tetex, Secure_linux, Turbolinux, Turbolinux_appliance_server, Turbolinux_desktop, Turbolinux_home, Turbolinux_multimedia, Turbolinux_personal, Turbolinux_server, Turbolinux_workstation, Ubuntu_linux, Xpdf | N/A | ||
| 2005-12-31 | CVE-2005-3625 | Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins." | Linux, Debian_linux, Cups, Linux, Kdegraphics, Koffice, Kpdf, Kword, Libextractor, Mandrake_linux, Mandrake_linux_corporate_server, Poppler, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux, Linux_advanced_workstation, Openserver, Propack, Slackware_linux, Suse_linux, Tetex, Secure_linux, Turbolinux, Turbolinux_appliance_server, Turbolinux_desktop, Turbolinux_home, Turbolinux_multimedia, Turbolinux_personal, Turbolinux_server, Turbolinux_workstation, Ubuntu_linux, Xpdf | N/A | ||
| 2005-12-31 | CVE-2005-3624 | The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. | Linux, Debian_linux, Cups, Linux, Kdegraphics, Koffice, Kpdf, Kword, Libextractor, Mandrake_linux, Mandrake_linux_corporate_server, Poppler, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux, Linux_advanced_workstation, Openserver, Propack, Slackware_linux, Suse_linux, Tetex, Secure_linux, Turbolinux, Turbolinux_appliance_server, Turbolinux_desktop, Turbolinux_home, Turbolinux_multimedia, Turbolinux_personal, Turbolinux_server, Turbolinux_workstation, Ubuntu_linux, Xpdf | N/A | ||
| 2005-05-02 | CVE-2005-0993 | Buffer overflow in nwprint in SCO OpenServer 5.0.7 allows local users to execute arbitrary code via a long command line argument. | Openserver | N/A | ||
| 2005-04-07 | CVE-2005-0351 | Buffer overflow in (1) termsh, (2) atcronsh, and (3) auditsh in SCO OpenServer 5.0.6 and 5.0.7 might allow local users to execute arbitrary code via a long HOME environment variable. | Openserver | N/A | ||
| 2005-03-05 | CVE-2005-0109 | Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses. | Freebsd, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Openserver, Unixware, Solaris, Ubuntu_linux | 5.6 | ||
| 2005-02-07 | CVE-2004-1131 | Multiple buffer overflows in the enable command for SCO OpenServer 5.0.6 and 5.0.7 allow local users to execute arbitrary code via long command line arguments. | Openserver | N/A | ||
| 2004-01-14 | CVE-2004-1124 | Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the chroot jail and conduct unauthorized activities. | Openserver, Unixware | N/A |