CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0CVE-2008-4052
https://notcve.org/view.php?id=CVE-2008-4052
Stack-based buffer overflow in SMGSHR.EXE in OpenVMS for Integrity Servers 8.2-1, 8.3, and 8.3-1H1 and OpenVMS ALPHA 7.3-2, 8.2, and 8.3 allows local users to cause a denial of service (crash) or gain privileges via unspecified vectors. Desbordamiento de búfer basado en pila en el archivo SMGSHR.EXE en OpenVMS para Integrity Servers 8.2-1, 8.3, y 8.3-1H1 y OpenVMS ALPHA 7.3-2, 8.2, y 8.3 que permite a los usuarios locales causar una denegación de servicios (caída) o aumentar privilegios a través de vectores no especificados. • http://mail.openvms.org:8100/Lists/alerts/Message/832.html http://mail.openvms.org:8100/Lists/alerts/Message/833.html http://mail.openvms.org:8100/Lists/alerts/Message/834.html http://mail.openvms.org:8100/Lists/alerts/Message/835.html http://mail.openvms.org:8100/Lists/alerts/Message/836.html http://mail.openvms.org:8100/Lists/alerts/Message/837.html http://secunia.com/advisories/31581 http://www.vupen.com/english/advisories/2008/2439 https://exchange.xforce.ibmcloud. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2008-3947
https://notcve.org/view.php?id=CVE-2008-3947
DCL (aka the CLI) in OpenVMS Alpha 8.3 allows local users to gain privileges via a long command line. DCL (también conocido como CLI) en OpenVMS Alpha 8.3 permite a usuarios locales obtener provilegios mediante una línea de comandos larga. • http://deathrow.vistech.net/DEFCON16/VMS.PDF http://www.securitytracker.com/id?1020827 https://exchange.xforce.ibmcloud.com/vulnerabilities/45047 • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2007-5241
https://notcve.org/view.php?id=CVE-2007-5241
Buffer overflow in NET$CSMACD.EXE in HP OpenVMS 8.3 and earlier allows local users to cause a denial of service (machine crash) via the "MCR MCL SHOW CSMA-CD Port * All" command, which overwrites a Non-Paged Pool Packet. Desbordamiento de búfer en NET$CSMACD.EXE en HP OpenVMS 8.3 y anteriores permite a usuarios locales provocar denegación de servicio (caida de maquina) a través de comando "MCR MCL SHOW CSMA-CD Port * All", el cual sobrescribe Non-Paged Pool Packet. • http://mail.openvms.org:8100/Lists/alerts/Message/582.html http://mail.openvms.org:8100/Lists/alerts/Message/583.html http://osvdb.org/37811 http://secunia.com/advisories/27084 http://www.securityfocus.com/bid/25939 http://www.vupen.com/english/advisories/2007/3382 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 2%CPEs: 2EXPL: 0CVE-2007-5242
https://notcve.org/view.php?id=CVE-2007-5242
Unspecified vulnerability in (1) SYS$EI1000.EXE and (2) SYS$EI1000_MON.EXE in HP OpenVMS 8.3 and earlier allows remote attackers to cause a denial of service (machine crash) via an "oversize" packet, which is not properly discarded if "the device has no remaining buffers after receipt of the first buffer segment." Vulnerabilidad no especificada en (1) SYS$EI1000.EXE y (2) SYS$EI1000_MON.EXE en HP OpenVMS 8.3 y anteriores permite a atacantes remotos provocar denegación de servicio (caida de maquina) a través de un paquete "sobredimensionado", el cual no es descartado adecuadamente si "el dispositivo no tiene búfers restantes después de recibir el primer segmento de búfer". • http://mail.openvms.org:8100/Lists/alerts/Message/582.html http://mail.openvms.org:8100/Lists/alerts/Message/583.html http://osvdb.org/37812 http://osvdb.org/37813 http://secunia.com/advisories/27084 http://www.securityfocus.com/bid/25939 http://www.vupen.com/english/advisories/2007/3382 •
CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0CVE-2007-3730
https://notcve.org/view.php?id=CVE-2007-3730
The default configuration of the POP server in TCP/IP Services 5.6 for HP OpenVMS 8.3 does not log the source IP address or attempted username for login attempts, which might help remote attackers to avoid identification. La configuración por defecto del servidor POP en el TCP/IP Services 5.6 para HP OpenVMS 8.3 no deja constancia del origen de la dirección IP o los intentos del nombre de usuario para los intentos de autenticación, lo que puede ayudar a atacantes remotos a evitar la autenticación. • http://groups.google.com/group/comp.os.vms/browse_thread/thread/a5f68773805f862d/8a42e91fe1e9cd36 http://osvdb.org/37810 http://secunia.com/advisories/25882 http://www.securityfocus.com/bid/24751 •