CVE
- Id
- 810
- CVE No.
- CVE-1999-0830
- Status
- Candidate
- Description
- Buffer overflow in SCO UnixWare Xsco command via a long argument.
- Phase
- Proposed (19991208)
- Votes
- ACCEPT(3) Armstrong, Baker, Stracener | MODIFY(3) Cole, Frech, Prosser | REVIEWING(1) Christey
- Comments
- Cole> This is BID 824 and the BUGTRAQ reference is 19991125. | Frech> XF:sco-unixware-xsco | Christey> Confirmed by vendor, albeit vaguely: | http://marc.theaimsgroup.com/?l=bugtraq&m=94581379905584&w=2 | | Prosser> agree with Steve on vendor confirmation, however not sure the | fix ref"d in BID 824 (SSE041) is right. It lists fixes for libnsl and | tcpip.so, nothing about xsco. SSE050b | (ftp://ftp.sco.com/SSE/security_bulletins/SB-99.26b) fixes a buffer overflow | in xsco on OpenServer (the vendor message Steve refers to) but not the | UnixWare vulnerability reported on Bugtraq and in BID824. Anyone more | familar with SCO shed some light on this? Are they the same codebase so fix | would be same? From the SCO site it seems the UnixWare and OpenSever | products are similar but have differences. | CHANGE> [Christey changed vote from NOOP to REVIEWING] | Christey> BID:824 | http://www.securityfocus.com/bid/824
