CVE Vulnerabilities

CVE-2004-0390

Published: Dec 31, 2004 | Modified: Apr 03, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
root.io minimus.io echohq.com

SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style access control when users log in using scologin, which allows remote attackers to gain unauthorized access to an X session via other X login methods.

Affected Software

Name Vendor Start Version End Version
Openserver Sco 5.0.5 (including) 5.0.5 (including)
Openserver Sco 5.0.6 (including) 5.0.6 (including)
Openserver Sco 5.0.7 (including) 5.0.7 (including)

References