CVE-2017-17482
https://notcve.org/view.php?id=CVE-2017-17482
An issue was discovered in OpenVMS through V8.4-2L2 on Alpha and through V8.4-2L1 on IA64, and VAX/VMS 4.0 and later. A malformed DCL command table may result in a buffer overflow allowing a local privilege escalation when a non-privileged account enters a crafted command line. This bug is exploitable on VAX and Alpha and may cause a process crash on IA64. Software was affected regardless of whether it was directly shipped by VMS Software, Inc. (VSI), HPE, HP, Compaq, or Digital Equipment Corporation. • http://www.openvms.org/node/121 https://groups.google.com/forum/#%21topic/comp.os.vms/BYIUQ0lJ-s0 https://www.theregister.co.uk/2018/02/06/openvms_vulnerability • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2012-3277
https://notcve.org/view.php?id=CVE-2012-3277
HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform and 7.3-2, 8.2, 8.3, and 8.4 on the Alpha platform does not properly implement the LOGIN and ACME_SERVER ACMELOGIN programs, which allows remote attackers to cause a denial of service via unspecified vectors. HP OpenVMS v8.3, v8.3-1H1, y v8.4 en la plataforma Itanium y v7.3-2, v8.2, v8.3 y v8.4 en la plataforma Alpha no implementa correctamente el inicio de sesión y el programa ACME_SERVER ACMELOGIN, lo que permite a atacantes remotos provocar una denegación de servicio a través de vectores no especificados. • https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03599086 •
CVE-2012-3276
https://notcve.org/view.php?id=CVE-2012-3276
HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform and 7.3-2, 8.2, 8.3, and 8.4 on the Alpha platform does not properly implement the LOGIN and ACME_SERVER ACMELOGIN programs, which allows local users to cause a denial of service via unspecified vectors. HP OpenVMS v8.3, v8.3-1H1, y v8.4 en la plataforma Itanium y v7.3-2, v8.2, v8.3 y v8.4 en la plataforma Alpha no implementa correctamente el inicio de sesión y el programa ACME_SERVER ACMELOGIN, lo que permite a usuarios locales provocar una denegación de servicio a través de vectores no especificados • https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03599086 • CWE-16: Configuration •
CVE-2012-2010
https://notcve.org/view.php?id=CVE-2012-2010
The ACMELOGIN implementation in HP OpenVMS 8.3 and 8.4 on the Alpha platform, and 8.3, 8.3-1H1, and 8.4 on the Itanium platform, when the SYS$ACM system service is enabled, allows local users to gain privileges via unspecified vectors. La implementación de ACMELOGIN en HP OpenVMS v8.3 y v8.4 en la plataforma Alpha, y v8.3, v8.3-1H1, y v8.4 en la plataforma Itanium, cuando el servicio del sistema SYS$ACM está activado, permite a usuarios locales conseguir privilegios a través de vectores no especificados. • http://osvdb.org/82015 http://www.securityfocus.com/bid/53613 http://www.securitytracker.com/id?1027074 https://exchange.xforce.ibmcloud.com/vulnerabilities/75729 https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03333494 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2012-0134
https://notcve.org/view.php?id=CVE-2012-0134
Unspecified vulnerability in HP OpenVMS 7.3-2 on the Alpha platform, 8.3 and 8.4 on the Alpha and IA64 platforms, and 8.3-1h1 on the IA64 platform allows local users to cause a denial of service via unknown vectors. Vulnerabilidad no especificada en HP OpenVMS v7.3-2 en la plataforma Alpha, v8.3 y v8.4 en la plataforma Alpha e IA64, y v8.3-1H1 en la plataforma IA64 permite a usuarios locales provocar una denegación de servicio a través de vectores desconocidos. • http://www.securityfocus.com/archive/1/522386 http://www.securitytracker.com/id?1026935 •