CVE-2001-0576

Name of the Vulnerable Software and Affected Versions: lpusers as included with SCO OpenServer versions 5.0 through 5.0.6

Description: The issue allows a local attacker to gain additional privileges via a buffer overflow attack in the -u command line parameter.

Recommendations: For SCO OpenServer versions 5.0 through 5.0.6, avoid using the -u command line parameter until a fix is available. As a temporary workaround, consider restricting access to the lpusers utility to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.