Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Openserver
(Sco)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 72 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2004-11-23 | CVE-2004-0081 | OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. | Webstar, Mac_os_x, Mac_os_x_server, Converged_communications_server, Intuity_audix, S8300, S8500, S8700, Sg200, Sg203, Sg208, Sg5, Vsu, Cacheos_ca_sa, Proxysg, Firewall\-1, Provider\-1, Vpn\-1, Access_registrar, Application_and_content_networking_software, Call_manager, Ciscoworks_common_management_foundation, Ciscoworks_common_services, Content_services_switch_11500, Css11000_content_services_switch, Css_secure_content_accelerator, Firewall_services_module, Gss_4480_global_site_selector, Gss_4490_global_site_selector, Ios, Mds_9000, Okena_stormwatch, Pix_firewall, Pix_firewall_software, Secure_content_accelerator, Threat_response, Webns, Bsafe_ssl\-J, Freebsd, Aaa_server, Apache\-Based_web_server, Hp\-Ux, Wbem, Speed_technologies_litespeed_web_server, Instant_virtual_extranet, Edirectory, Imanager, Openbsd, Openssl, Enterprise_linux, Enterprise_linux_desktop, Linux, Openssl, Openserver, Sidewinder, Propack, Servercluster, Stonebeat_fullcluster, Stonebeat_securitycluster, Stonebeat_webcluster, Stonegate, Stonegate_vpn_client, Crypto_accelerator_4000, Clientless_vpn_gateway_4400, Tarantella_enterprise, Gsx_server | N/A | ||
| 2005-10-25 | CVE-2005-2926 | Stack-based buffer overflow in (1) backupsh and (2) authsh in SCO Openserver 5.0.7 allows local users to execute arbitrary code via a long HOME environment variable. | Openserver | N/A | ||
| 2006-01-03 | CVE-2006-0072 | Buffer overflow in termsh on SCO OpenServer 5.0.7 allows remote attackers to execute arbitrary code via a long -o command line argument. NOTE: this is probably a different vulnerability than CVE-2005-0351 since it involves a distinct attack vector. | Openserver | N/A | ||
| 2005-12-31 | CVE-2005-3626 | Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. | Linux, Debian_linux, Cups, Linux, Kdegraphics, Koffice, Kpdf, Kword, Libextractor, Mandrake_linux, Mandrake_linux_corporate_server, Poppler, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux, Linux_advanced_workstation, Openserver, Propack, Slackware_linux, Suse_linux, Tetex, Secure_linux, Turbolinux, Turbolinux_appliance_server, Turbolinux_desktop, Turbolinux_home, Turbolinux_multimedia, Turbolinux_personal, Turbolinux_server, Turbolinux_workstation, Ubuntu_linux, Xpdf | N/A | ||
| 2005-12-31 | CVE-2005-3625 | Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins." | Linux, Debian_linux, Cups, Linux, Kdegraphics, Koffice, Kpdf, Kword, Libextractor, Mandrake_linux, Mandrake_linux_corporate_server, Poppler, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux, Linux_advanced_workstation, Openserver, Propack, Slackware_linux, Suse_linux, Tetex, Secure_linux, Turbolinux, Turbolinux_appliance_server, Turbolinux_desktop, Turbolinux_home, Turbolinux_multimedia, Turbolinux_personal, Turbolinux_server, Turbolinux_workstation, Ubuntu_linux, Xpdf | N/A | ||
| 2005-12-31 | CVE-2005-3624 | The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. | Linux, Debian_linux, Cups, Linux, Kdegraphics, Koffice, Kpdf, Kword, Libextractor, Mandrake_linux, Mandrake_linux_corporate_server, Poppler, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux, Linux_advanced_workstation, Openserver, Propack, Slackware_linux, Suse_linux, Tetex, Secure_linux, Turbolinux, Turbolinux_appliance_server, Turbolinux_desktop, Turbolinux_home, Turbolinux_multimedia, Turbolinux_personal, Turbolinux_server, Turbolinux_workstation, Ubuntu_linux, Xpdf | N/A | ||
| 2005-05-02 | CVE-2005-0993 | Buffer overflow in nwprint in SCO OpenServer 5.0.7 allows local users to execute arbitrary code via a long command line argument. | Openserver | N/A | ||
| 2005-04-07 | CVE-2005-0351 | Buffer overflow in (1) termsh, (2) atcronsh, and (3) auditsh in SCO OpenServer 5.0.6 and 5.0.7 might allow local users to execute arbitrary code via a long HOME environment variable. | Openserver | N/A | ||
| 2005-03-05 | CVE-2005-0109 | Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses. | Freebsd, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Openserver, Unixware, Solaris, Ubuntu_linux | 5.6 | ||
| 2005-02-07 | CVE-2004-1131 | Multiple buffer overflows in the enable command for SCO OpenServer 5.0.6 and 5.0.7 allow local users to execute arbitrary code via long command line arguments. | Openserver | N/A |