CVE-2010-1973
https://notcve.org/view.php?id=CVE-2010-1973
Unspecified vulnerability in the Auditing subsystem in HP OpenVMS 8.3, 8.2, 7.3-2, and earlier on the ALPHA platform, and 8.3-1H1, 8.3, 8.2-1, and earlier on the Itanium platform, allows local users to gain privileges or obtain sensitive information via unknown vectors. Vulnerabilidad no especificada en Auditing subsystem de HP OpenVMS v8.3, 8.2, 7.3-2 y anteriores en la plataforma ALPHA y 8.3-1H1, 8.3, 8.2-1 y anteriores en la plataforma Itanium; permite a usuarios locales ganar privilegios u obtener información sensible a través de vectores desconocidos. • http://marc.info/?l=bugtraq&m=127905660900687&w=2 http://securitytracker.com/id?1024190 •
CVE-2010-2612
https://notcve.org/view.php?id=CVE-2010-2612
Unspecified vulnerability in the HP OpenVMS Auditing feature in OpenVMS ALPHA 7.3-2, 8.2, and 8.3; and OpenVMS for Integrity Servers 8.3 AND 8.3-1H1; allows local users to obtain sensitive information via unknown vectors. Vulnerabilidad no especificada en la característica de auditoría de HP OpenVMS en los servidores OpenVMS ALPHA v7.3-2, v8.2, y v8.3, y OpenVMS for Integrity v8,3 y v8.3-1H1; permite a usuarios locales obtener información sensible a través de vectores desconocidos. • ftp://ftp.itrc.hp.com/openvms_patches/alpha/V7.3-2/VMS732_SYS_MUP-V1900.txt ftp://ftp.itrc.hp.com/openvms_patches/alpha/V8.2/VMS82A_SYS_MUP-V1700.txt ftp://ftp.itrc.hp.com/openvms_patches/alpha/V8.3/VMS83A_SYS_MUP-V1700.txt ftp://ftp.itrc.hp.com/openvms_patches/i64/V8.3-1H1/VMS831H1I_SYS_MUP-V1100.txt ftp://ftp.itrc.hp.com/openvms_patches/i64/V8.3/VMS83I_SYS_MUP-V1400.txt http://secunia.com/advisories/40361 http://www.securityfocus.com/bid/41186 http • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2010-0443
https://notcve.org/view.php?id=CVE-2010-0443
Unspecified vulnerability in Record Management Services (RMS) before VMS83A_RMS-V1100 for HP OpenVMS on the Alpha platform allows local users to gain privileges via unknown vectors. Vulnerabilidad no especificada en Record Management Services (RMS) anterior VMS83A_RMS-V1100 para HP OpenVMS en la plataforma Alpha permite a usuarios locales obtener privilegios a través d vectores desconocidos. • http://marc.info/?l=bugtraq&m=126520981100671&w=2 http://secunia.com/advisories/38366 http://www.securityfocus.com/bid/38048 http://www.vupen.com/english/advisories/2010/0286 https://exchange.xforce.ibmcloud.com/vulnerabilities/56062 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2008-5417
https://notcve.org/view.php?id=CVE-2008-5417
HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha platform uses world-writable permissions for the OSIT$NAMES logical name table, which allows local users to bypass intended access restrictions and modify this table via the (1) SYS$CRELNM and (2) SYS$DELLNM system services. HP DECnet-Plus v8.3 antes de ECO03 para OpenVMS en plataforma Alpha utiliza permisos de escritura universales para el nombre logico de tabla de OSIT$NAMES, que permite a usuarios locales evitar las restricciones de acceso y modificar la tabla a traves de los servicios del sistema (1) SYS$CRELNM and (2) SYS$DELLNM. • ftp://ftp.itrc.hp.com/openvms_patches/alpha/V8.3/AXP_DNVOSIECO03-V83.txt http://secunia.com/advisories/33028 http://securitytracker.com/id?1021364 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2008-5120 – OpenVms 8.3 Finger Service - Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-5120
Stack-based buffer overflow in the Process Software MultiNet finger service (aka FINGERD) for HP OpenVMS 8.3 allows remote attackers to execute arbitrary code via a long request string. Un desbordamiento de búfer basado en Process Software MultiNet finger service (también conocido como FINGERD) para HP OpenVMS 8.3 permite a atacantes remotos ejecutar código arbitrario a través de una peticion con una cadena de texto excesivamente larga. • https://www.exploit-db.com/exploits/32193 http://securityreason.com/securityalert/4602 http://www.securityfocus.com/archive/1/495207/100/0/threaded http://www.securityfocus.com/bid/30589 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •