CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2017-17482
https://notcve.org/view.php?id=CVE-2017-17482
An issue was discovered in OpenVMS through V8.4-2L2 on Alpha and through V8.4-2L1 on IA64, and VAX/VMS 4.0 and later. A malformed DCL command table may result in a buffer overflow allowing a local privilege escalation when a non-privileged account enters a crafted command line. This bug is exploitable on VAX and Alpha and may cause a process crash on IA64. Software was affected regardless of whether it was directly shipped by VMS Software, Inc. (VSI), HPE, HP, Compaq, or Digital Equipment Corporation. • http://www.openvms.org/node/121 https://groups.google.com/forum/#%21topic/comp.os.vms/BYIUQ0lJ-s0 https://www.theregister.co.uk/2018/02/06/openvms_vulnerability • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 0%CPEs: 7EXPL: 0CVE-2012-3277
https://notcve.org/view.php?id=CVE-2012-3277
HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform and 7.3-2, 8.2, 8.3, and 8.4 on the Alpha platform does not properly implement the LOGIN and ACME_SERVER ACMELOGIN programs, which allows remote attackers to cause a denial of service via unspecified vectors. HP OpenVMS v8.3, v8.3-1H1, y v8.4 en la plataforma Itanium y v7.3-2, v8.2, v8.3 y v8.4 en la plataforma Alpha no implementa correctamente el inicio de sesión y el programa ACME_SERVER ACMELOGIN, lo que permite a atacantes remotos provocar una denegación de servicio a través de vectores no especificados. • https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03599086 •
CVSS: 2.1EPSS: 0%CPEs: 4EXPL: 0CVE-2012-3276
https://notcve.org/view.php?id=CVE-2012-3276
HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform and 7.3-2, 8.2, 8.3, and 8.4 on the Alpha platform does not properly implement the LOGIN and ACME_SERVER ACMELOGIN programs, which allows local users to cause a denial of service via unspecified vectors. HP OpenVMS v8.3, v8.3-1H1, y v8.4 en la plataforma Itanium y v7.3-2, v8.2, v8.3 y v8.4 en la plataforma Alpha no implementa correctamente el inicio de sesión y el programa ACME_SERVER ACMELOGIN, lo que permite a usuarios locales provocar una denegación de servicio a través de vectores no especificados • https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03599086 • CWE-16: Configuration •
CVSS: 4.9EPSS: 0%CPEs: 6EXPL: 0CVE-2012-0134
https://notcve.org/view.php?id=CVE-2012-0134
Unspecified vulnerability in HP OpenVMS 7.3-2 on the Alpha platform, 8.3 and 8.4 on the Alpha and IA64 platforms, and 8.3-1h1 on the IA64 platform allows local users to cause a denial of service via unknown vectors. Vulnerabilidad no especificada en HP OpenVMS v7.3-2 en la plataforma Alpha, v8.3 y v8.4 en la plataforma Alpha e IA64, y v8.3-1H1 en la plataforma IA64 permite a usuarios locales provocar una denegación de servicio a través de vectores desconocidos. • http://www.securityfocus.com/archive/1/522386 http://www.securitytracker.com/id?1026935 •
CVSS: 6.8EPSS: 0%CPEs: 15EXPL: 0CVE-2010-1973
https://notcve.org/view.php?id=CVE-2010-1973
Unspecified vulnerability in the Auditing subsystem in HP OpenVMS 8.3, 8.2, 7.3-2, and earlier on the ALPHA platform, and 8.3-1H1, 8.3, 8.2-1, and earlier on the Itanium platform, allows local users to gain privileges or obtain sensitive information via unknown vectors. Vulnerabilidad no especificada en Auditing subsystem de HP OpenVMS v8.3, 8.2, 7.3-2 y anteriores en la plataforma ALPHA y 8.3-1H1, 8.3, 8.2-1 y anteriores en la plataforma Itanium; permite a usuarios locales ganar privilegios u obtener información sensible a través de vectores desconocidos. • http://marc.info/?l=bugtraq&m=127905660900687&w=2 http://securitytracker.com/id?1024190 •