VULHUB ™

Certain versions of SCO's UnixWare ship with a version of /usr/X/bin/xauto which is vulnerable to a buffer overflow attack which may result in an attacker gaining root privileges. This is exploitable to gain root privileges even though /usr/X/bin/xauto is not setuid root. This is due to a system design issue with SCO Unixware which is discussed in an attached message in the 'Credit' section titled "UnixWare 7 uidadmin exploit + discussion".

Certain versions of SCO's UnixWare ship with a version of /usr/X/bin/xauto which is vulnerable to a buffer overflow attack which may result in an attacker gaining root privileges. This is exploitable to gain root privileges even though /usr/X/bin/xauto is not setuid root. This is due to a system design issue with SCO Unixware which is discussed in an attached message in the 'Credit' section titled "UnixWare 7 uidadmin exploit + discussion".