5 results (0.013 seconds)

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

An issue was discovered in OpenVMS through V8.4-2L2 on Alpha and through V8.4-2L1 on IA64, and VAX/VMS 4.0 and later. A malformed DCL command table may result in a buffer overflow allowing a local privilege escalation when a non-privileged account enters a crafted command line. This bug is exploitable on VAX and Alpha and may cause a process crash on IA64. Software was affected regardless of whether it was directly shipped by VMS Software, Inc. (VSI), HPE, HP, Compaq, or Digital Equipment Corporation. • http://www.openvms.org/node/121 https://groups.google.com/forum/#%21topic/comp.os.vms/BYIUQ0lJ-s0 https://www.theregister.co.uk/2018/02/06/openvms_vulnerability • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.8EPSS: 0%CPEs: 15EXPL: 0

Unspecified vulnerability in the Auditing subsystem in HP OpenVMS 8.3, 8.2, 7.3-2, and earlier on the ALPHA platform, and 8.3-1H1, 8.3, 8.2-1, and earlier on the Itanium platform, allows local users to gain privileges or obtain sensitive information via unknown vectors. Vulnerabilidad no especificada en Auditing subsystem de HP OpenVMS v8.3, 8.2, 7.3-2 y anteriores en la plataforma ALPHA y 8.3-1H1, 8.3, 8.2-1 y anteriores en la plataforma Itanium; permite a usuarios locales ganar privilegios u obtener información sensible a través de vectores desconocidos. • http://marc.info/?l=bugtraq&m=127905660900687&w=2 http://securitytracker.com/id?1024190 •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

Buffer overflow in NET$CSMACD.EXE in HP OpenVMS 8.3 and earlier allows local users to cause a denial of service (machine crash) via the "MCR MCL SHOW CSMA-CD Port * All" command, which overwrites a Non-Paged Pool Packet. Desbordamiento de búfer en NET$CSMACD.EXE en HP OpenVMS 8.3 y anteriores permite a usuarios locales provocar denegación de servicio (caida de maquina) a través de comando "MCR MCL SHOW CSMA-CD Port * All", el cual sobrescribe Non-Paged Pool Packet. • http://mail.openvms.org:8100/Lists/alerts/Message/582.html http://mail.openvms.org:8100/Lists/alerts/Message/583.html http://osvdb.org/37811 http://secunia.com/advisories/27084 http://www.securityfocus.com/bid/25939 http://www.vupen.com/english/advisories/2007/3382 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 2%CPEs: 2EXPL: 0

Unspecified vulnerability in (1) SYS$EI1000.EXE and (2) SYS$EI1000_MON.EXE in HP OpenVMS 8.3 and earlier allows remote attackers to cause a denial of service (machine crash) via an "oversize" packet, which is not properly discarded if "the device has no remaining buffers after receipt of the first buffer segment." Vulnerabilidad no especificada en (1) SYS$EI1000.EXE y (2) SYS$EI1000_MON.EXE en HP OpenVMS 8.3 y anteriores permite a atacantes remotos provocar denegación de servicio (caida de maquina) a través de un paquete "sobredimensionado", el cual no es descartado adecuadamente si "el dispositivo no tiene búfers restantes después de recibir el primer segmento de búfer". • http://mail.openvms.org:8100/Lists/alerts/Message/582.html http://mail.openvms.org:8100/Lists/alerts/Message/583.html http://osvdb.org/37812 http://osvdb.org/37813 http://secunia.com/advisories/27084 http://www.securityfocus.com/bid/25939 http://www.vupen.com/english/advisories/2007/3382 •

CVSS: 2.1EPSS: 0%CPEs: 5EXPL: 0

Unknown vulnerability in HP OpenVMS VAX 7.x and 6.x and OpenVMS Alpha 7.x or 6.x allows local users to access privileged files. • http://marc.info/?l=bugtraq&m=110980700101451&w=2 http://secunia.com/advisories/14444 https://exchange.xforce.ibmcloud.com/vulnerabilities/19566 •