Vulnerability Description
Multiple buffer overflows in programs used by scoadmin and sysadmsh in SCO OpenServer 5.0.6a and earlier allow local users to gain privileges via a long TERM environment variable to (1) atcronsh, (2) auditsh, (3) authsh, (4) backupsh, (5) lpsh, (6) sysadm.menu, or (7) termsh.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sco | Openserver | <= 5.0.6a |
References
- http://www.securityfocus.com/archive/1/219966PatchVendor Advisory
- http://www.securityfocus.com/archive/82/191216Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7281
- http://www.securityfocus.com/archive/1/219966PatchVendor Advisory
- http://www.securityfocus.com/archive/82/191216Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7281
FAQ
What is CVE-2001-1148?
CVE-2001-1148 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Multiple buffer overflows in programs used by scoadmin and sysadmsh in SCO OpenServer 5.0.6a and earlier allow local users to gain privileges via a long TERM environment variable to (1) atcronsh, (2) ...
How severe is CVE-2001-1148?
CVE-2001-1148 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-1148?
Check the references section above for vendor advisories and patch information. Affected products include: Sco Openserver.