Filtered by vendor Caldera
Subscribe
Total
82 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-2933 | 1 Caldera | 1 Caldera | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in dirmng/index.php in Caldera 9.20 allows remote attackers to access arbitrary directories via a crafted pathname. | |||||
| CVE-2014-2935 | 1 Caldera | 1 Caldera | 2024-02-04 | 10.0 HIGH | N/A |
| costview3/xmlrpc_server/xmlrpc.php in CostView in Caldera 9.20 allows remote attackers to execute arbitrary commands via shell metacharacters in a methodCall element in a PHP XMLRPC request. | |||||
| CVE-2014-2936 | 1 Caldera | 1 Caldera | 2024-02-04 | 7.5 HIGH | N/A |
| The directory manager in Caldera 9.20 allows remote attackers to conduct variable-injection attacks in the global scope via (1) the maindir_hotfolder parameter to dirmng/index.php, or an unspecified parameter to (2) PPD/index.php, (3) dirmng/docmd.php, or (4) dirmng/param.php. | |||||
| CVE-2014-2934 | 1 Caldera | 1 Caldera | 2024-02-04 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Caldera 9.20 allow remote attackers to execute arbitrary SQL commands via the tr parameter to (1) costview2/jobs.php or (2) costview2/printers.php. | |||||
| CVE-2002-0105 | 1 Caldera | 1 Unixware | 2024-02-04 | 7.2 HIGH | N/A |
| CDE dtlogin in Caldera UnixWare 7.1.0, and possibly other operating systems, allows local users to gain privileges via a symlink attack on /var/dt/Xerrors since /var/dt is world-writable. | |||||
| CVE-2002-0827 | 1 Caldera | 2 Openunix, Unixware | 2024-02-04 | 7.2 HIGH | N/A |
| Vulnerability in pppd on UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to gain root privileges via (1) ppptalk or (2) ppp, a different vulnerability than CVE-2002-0824. | |||||
| CVE-1999-0439 | 2 Caldera, Procmail | 2 Openlinux, Procmail | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in procmail before version 3.12 allows remote or local attackers to execute commands via expansions in the procmailrc configuration file. | |||||
| CVE-2002-0884 | 2 Caldera, Sun | 3 Openunix, Unixware, Sunos | 2024-02-04 | 7.5 HIGH | N/A |
| Multiple format string vulnerabilities in in.rarpd (ARP server) on Solaris, Caldera UnixWare and Open UNIX, and possibly other operating systems, allows remote attackers to execute arbitrary code via format strings that are not properly handled in the functions (1) syserr and (2) error. | |||||
| CVE-2000-0844 | 13 Caldera, Conectiva, Debian and 10 more | 16 Openlinux, Openlinux Ebuilder, Openlinux Eserver and 13 more | 2024-02-04 | 10.0 HIGH | N/A |
| Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. | |||||
| CVE-2000-1134 | 7 Caldera, Conectiva, Hp and 4 more | 9 Openlinux, Openlinux Edesktop, Openlinux Eserver and 6 more | 2024-02-04 | 7.2 HIGH | N/A |
| Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack. | |||||
| CVE-2002-0677 | 7 Caldera, Compaq, Hp and 4 more | 9 Openunix, Unixware, Tru64 and 6 more | 2024-02-04 | 7.5 HIGH | N/A |
| CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure. | |||||
| CVE-1999-0368 | 7 Caldera, Debian, Proftpd Project and 4 more | 8 Openlinux, Debian Linux, Proftpd and 5 more | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto. | |||||
| CVE-2000-0372 | 1 Caldera | 1 Openlinux | 2024-02-04 | 7.2 HIGH | N/A |
| Vulnerability in Caldera rmt command in the dump package 0.4b4 allows a local user to gain root privileges. | |||||
| CVE-1999-1182 | 6 Caldera, Debian, Delix and 3 more | 6 Openlinux Lite, Debian Linux, Dld and 3 more | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error. | |||||
| CVE-2000-0917 | 3 Caldera, Redhat, Trustix | 6 Openlinux, Openlinux Ebuilder, Openlinux Edesktop and 3 more | 2024-02-04 | 10.0 HIGH | N/A |
| Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands. | |||||
| CVE-2002-0004 | 8 Caldera, Debian, Freebsd and 5 more | 9 Openlinux Server, Openlinux Workstation, Debian Linux and 6 more | 2024-02-04 | 7.2 HIGH | N/A |
| Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice. | |||||
| CVE-2002-0517 | 1 Caldera | 2 Openunix, Unixware | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflow in X11 library (libX11) on Caldera Open UNIX 8.0.0, UnixWare 7.1.1, and possibly other operating systems, allows local users to gain root privileges via a long -xrm argument to programs such as (1) dtterm or (2) xterm. | |||||
| CVE-2001-1576 | 1 Caldera | 1 Unixware | 2024-02-04 | 4.6 MEDIUM | N/A |
| Buffer overflow in cron in Caldera UnixWare 7 allows local users to execute arbitrary code via a command line argument. | |||||
| CVE-1999-0234 | 5 Caldera, Redhat, Sgi and 2 more | 5 Openlinux, Linux, Irix and 2 more | 2024-02-04 | 4.6 MEDIUM | N/A |
| Bash treats any character with a value of 255 as a command separator. | |||||
| CVE-2002-0988 | 1 Caldera | 2 Openunix, Unixware | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1, possibly related to XBM/xkbcomp capabilities. | |||||