CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2017-17482
https://notcve.org/view.php?id=CVE-2017-17482
07 Feb 2018 — An issue was discovered in OpenVMS through V8.4-2L2 on Alpha and through V8.4-2L1 on IA64, and VAX/VMS 4.0 and later. A malformed DCL command table may result in a buffer overflow allowing a local privilege escalation when a non-privileged account enters a crafted command line. This bug is exploitable on VAX and Alpha and may cause a process crash on IA64. Software was affected regardless of whether it was directly shipped by VMS Software, Inc. (VSI), HPE, HP, Compaq, or Digital Equipment Corporation. • http://www.openvms.org/node/121 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2012-3276
https://notcve.org/view.php?id=CVE-2012-3276
13 Dec 2012 — HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform and 7.3-2, 8.2, 8.3, and 8.4 on the Alpha platform does not properly implement the LOGIN and ACME_SERVER ACMELOGIN programs, which allows local users to cause a denial of service via unspecified vectors. HP OpenVMS v8.3, v8.3-1H1, y v8.4 en la plataforma Itanium y v7.3-2, v8.2, v8.3 y v8.4 en la plataforma Alpha no implementa correctamente el inicio de sesión y el programa ACME_SERVER ACMELOGIN, lo que permite a usuarios locales provocar una denegació... • https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03599086 • CWE-16: Configuration •
CVSS: 7.5EPSS: 1%CPEs: 7EXPL: 0CVE-2012-3277
https://notcve.org/view.php?id=CVE-2012-3277
13 Dec 2012 — HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform and 7.3-2, 8.2, 8.3, and 8.4 on the Alpha platform does not properly implement the LOGIN and ACME_SERVER ACMELOGIN programs, which allows remote attackers to cause a denial of service via unspecified vectors. HP OpenVMS v8.3, v8.3-1H1, y v8.4 en la plataforma Itanium y v7.3-2, v8.2, v8.3 y v8.4 en la plataforma Alpha no implementa correctamente el inicio de sesión y el programa ACME_SERVER ACMELOGIN, lo que permite a atacantes remotos provocar una den... • https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03599086 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2012-2010
https://notcve.org/view.php?id=CVE-2012-2010
18 May 2012 — The ACMELOGIN implementation in HP OpenVMS 8.3 and 8.4 on the Alpha platform, and 8.3, 8.3-1H1, and 8.4 on the Itanium platform, when the SYS$ACM system service is enabled, allows local users to gain privileges via unspecified vectors. La implementación de ACMELOGIN en HP OpenVMS v8.3 y v8.4 en la plataforma Alpha, y v8.3, v8.3-1H1, y v8.4 en la plataforma Itanium, cuando el servicio del sistema SYS$ACM está activado, permite a usuarios locales conseguir privilegios a través de vectores no especificados. • http://osvdb.org/82015 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2012-0134
https://notcve.org/view.php?id=CVE-2012-0134
19 Apr 2012 — Unspecified vulnerability in HP OpenVMS 7.3-2 on the Alpha platform, 8.3 and 8.4 on the Alpha and IA64 platforms, and 8.3-1h1 on the IA64 platform allows local users to cause a denial of service via unknown vectors. Vulnerabilidad no especificada en HP OpenVMS v7.3-2 en la plataforma Alpha, v8.3 y v8.4 en la plataforma Alpha e IA64, y v8.3-1H1 en la plataforma IA64 permite a usuarios locales provocar una denegación de servicio a través de vectores desconocidos. • http://www.securityfocus.com/archive/1/522386 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2010-4110
https://notcve.org/view.php?id=CVE-2010-4110
22 Dec 2010 — Unspecified vulnerability in HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform on Integrity servers allows local users to gain privileges or cause a denial of service via unknown vectors. Vulnerabilidad no especificada en HP OpenVMS v8.3, v8.3-1H1, y v8.4 en la plataforma Itanium en servidores Integrity permite a usuarios locales obtener privilegios o causar una denegación de servicio a través de vectores desconocidos. • http://marc.info/?l=bugtraq&m=129243663611240&w=2 •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2010-1973
https://notcve.org/view.php?id=CVE-2010-1973
22 Jul 2010 — Unspecified vulnerability in the Auditing subsystem in HP OpenVMS 8.3, 8.2, 7.3-2, and earlier on the ALPHA platform, and 8.3-1H1, 8.3, 8.2-1, and earlier on the Itanium platform, allows local users to gain privileges or obtain sensitive information via unknown vectors. Vulnerabilidad no especificada en Auditing subsystem de HP OpenVMS v8.3, 8.2, 7.3-2 y anteriores en la plataforma ALPHA y 8.3-1H1, 8.3, 8.2-1 y anteriores en la plataforma Itanium; permite a usuarios locales ganar privilegios u obtener infor... • http://marc.info/?l=bugtraq&m=127905660900687&w=2 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2010-2612
https://notcve.org/view.php?id=CVE-2010-2612
01 Jul 2010 — Unspecified vulnerability in the HP OpenVMS Auditing feature in OpenVMS ALPHA 7.3-2, 8.2, and 8.3; and OpenVMS for Integrity Servers 8.3 AND 8.3-1H1; allows local users to obtain sensitive information via unknown vectors. Vulnerabilidad no especificada en la característica de auditoría de HP OpenVMS en los servidores OpenVMS ALPHA v7.3-2, v8.2, y v8.3, y OpenVMS for Integrity v8,3 y v8.3-1H1; permite a usuarios locales obtener información sensible a través de vectores desconocidos. • ftp://ftp.itrc.hp.com/openvms_patches/alpha/V7.3-2/VMS732_SYS_MUP-V1900.txt • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2008-5417
https://notcve.org/view.php?id=CVE-2008-5417
10 Dec 2008 — HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha platform uses world-writable permissions for the OSIT$NAMES logical name table, which allows local users to bypass intended access restrictions and modify this table via the (1) SYS$CRELNM and (2) SYS$DELLNM system services. HP DECnet-Plus v8.3 antes de ECO03 para OpenVMS en plataforma Alpha utiliza permisos de escritura universales para el nombre logico de tabla de OSIT$NAMES, que permite a usuarios locales evitar las restricciones de acceso y modifi... • ftp://ftp.itrc.hp.com/openvms_patches/alpha/V8.3/AXP_DNVOSIECO03-V83.txt • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 9%CPEs: 1EXPL: 1CVE-2008-5120 – OpenVms 8.3 Finger Service - Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-5120
18 Nov 2008 — Stack-based buffer overflow in the Process Software MultiNet finger service (aka FINGERD) for HP OpenVMS 8.3 allows remote attackers to execute arbitrary code via a long request string. Un desbordamiento de búfer basado en Process Software MultiNet finger service (también conocido como FINGERD) para HP OpenVMS 8.3 permite a atacantes remotos ejecutar código arbitrario a través de una peticion con una cadena de texto excesivamente larga. • https://www.exploit-db.com/exploits/32193 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •