CyberSec.Space Logo
Back to CVE Browser

CVE-2004-0390

HIGH
7.5
CVSS Severity Score
EPSS Score0.0650%
EPSS Percentile11.69th
PublishedDec 31, 2004
Last ModifiedApr 16, 2026

Vulnerability Description

SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style access control when users log in using scologin, which allows remote attackers to gain unauthorized access to an X session via other X login methods.

Affected Platforms (CPE)

πŸ’»
Sco

Openserver

= 5.0.5
πŸ’»
Sco

Openserver

= 5.0.6
πŸ’»
Sco

Openserver

= 5.0.7

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0424.html
πŸ”— http://www.securityfocus.com/advisories/6684
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/16113
πŸ”— http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0424.html
πŸ”— http://www.securityfocus.com/advisories/6684
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/16113

Related Vulnerabilities

CVE-2000-030610.0

Buffer overflow in calserver in SCO OpenServer allows remote attackers to gain root access via a long message.

CVE-2020-254949.8

Xinuos (formerly SCO) Openserver v5 and v6 allows attackers to execute arbitrary commands via shell metacharacters in outputform o...

CVE-1999-14507.5

Vulnerability in (1) rlogin daemon rshd and (2) scheme on SCO UNIX OpenServer 5.0.5 and earlier, and SCO UnixWare 7.0.1 and earlie...

CVE-2001-05797.5

lpadmin in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow attack in the first...