PT-2005-3776 · Sco · Sco Openserver

Published: 2005-10-25 · Updated: 2019-10-09 · CVE-2005-2926

CVSS v2.0: 4.6 (Medium)

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

SCO Openserver version 5.0.7

Description

A stack-based buffer overflow exists that allows local users to execute arbitrary code via a long HOME environment variable. This is related to the backupsh and authsh components.

Recommendations

For SCO Openserver version 5.0.7, consider restricting the length of the HOME environment variable to prevent exploitation until a patch is available. As a temporary workaround, limit the use of the backupsh and authsh components to minimize the risk of arbitrary code execution.


Related Identifiers

CVE-2005-2926

Affected Products

Sco Openserver