17 matches found
EUVD-2007-0143
Malware in sbrugna...
EUVD-2008-5394
Malware in sbrugna...
CVE-2008-5417
HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha platform uses world-writable permissions for the OSIT$NAMES logical name table, which allows local users to bypass intended access restrictions and modify this table via the 1 SYS$CRELNM and 2 SYS$DELLNM system services...
HP DECnet-Plus OpenVMS 'OSIT$NAMES'绕过安全限制漏洞
BUGTRAQ ID: 32711 HP DECnet-Plus一种在数据系统之间提供通信功能的软硬件产品。 HP DECnet-Plus OpenVMS实现上存在漏洞,远程攻击者可能利用此绕过某些安全限制非授权修改'OSIT$NAMES'表。 HP DECnet-Plus for OpenVMS VAX 7.3 HP DECnet-Plus for OpenVMS ALPHA 7.3-2 HP -- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://itrc.hp.com...
CVE-2008-5417
HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha platform uses world-writable permissions for the OSIT$NAMES logical name table, which allows local users to bypass intended access restrictions and modify this table via the 1 SYS$CRELNM and 2 SYS$DELLNM system services...
Design/Logic Flaw
HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha platform uses world-writable permissions for the OSIT$NAMES logical name table, which allows local users to bypass intended access restrictions and modify this table via the 1 SYS$CRELNM and 2 SYS$DELLNM system services...
CVE-2008-5417
CVE-2008-5417 affects HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha platform. The vulnerability arises because the OSIT$NAMES logical name table has world-writable permissions, allowing local users to bypass access restrictions and modify the table via the SYS$CRELNM and SYS$DELLNM sys...
CVE-2008-5417
HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha platform uses world-writable permissions for the OSIT$NAMES logical name table, which allows local users to bypass intended access restrictions and modify this table via the 1 SYS$CRELNM and 2 SYS$DELLNM system services...
CVE-2007-0139
Unspecified vulnerability in the DECnet-Plus 7.3-2 feature in DECnet/OSI 7.3-2 for OpenVMS ALPHA, and the DECnet-Plus 7.3 feature in DECnet/OSI 7.3 for OpenVMS VAX, allows attackers to obtain "unintended privileged access to data and system resources" via unspecified vectors, related to 1...
Code injection
Unspecified vulnerability in the DECnet-Plus 7.3-2 feature in DECnet/OSI 7.3-2 for OpenVMS ALPHA, and the DECnet-Plus 7.3 feature in DECnet/OSI 7.3 for OpenVMS VAX, allows attackers to obtain "unintended privileged access to data and system resources" via unspecified vectors, related to 1...
CVE-2007-0139
The CVE-2007-0139 entry concerns DECnet-Plus 7.3-2 (OpenVMS ALPHA) and DECnet/OSI 7.3 (OpenVMS VAX). A vulnerability permits attackers to obtain unintended privileged access to data and system resources via unspecified vectors affecting components such as CTF$UI.EXE, CTF$MESSAGES.EXE, CTF$HELP.HL...
CVE-2007-0139
Unspecified vulnerability in the DECnet-Plus 7.3-2 feature in DECnet/OSI 7.3-2 for OpenVMS ALPHA, and the DECnet-Plus 7.3 feature in DECnet/OSI 7.3 for OpenVMS VAX, allows attackers to obtain "unintended privileged access to data and system resources" via unspecified vectors, related to 1...
HP DECNet-Plus For OpenVMS未明安全绕过漏洞
HP DECNet-Plus是一款遵循七层 OSI 参考模型并支持众多的标准OSI协议。 HP DECNet-Plus For OpenVMS存在未明安全绕过,远程攻击者可以利用漏洞绕过限制访问敏感数据或系统资源。 目前没有详细漏洞细节提供。 HP DECnet-Plus for OpenVMS VAX 7.3 HP DECnet-Plus for OpenVMS ALPHA 7.3-2 可参考如下安全公告获得解决方案: ftp://ftp.itrc.hp.com/openvmspatches/alpha/V7.3-2/AXPDNVOSIMUP01-V0703-2.txt...
OpenVMS multiple security vulnerabilities
HP DecNet-Plus undisclosured vulnerability, cleartext password in log files...
CVE-2006-4537
NET$SESSIONCONTROL.EXE in DECnet-Plus in OpenVMS ALPHA 7.3-2 and Alpha 8.2 writes a password to an audit log file when there is a successful connection after a "network breakin" event, which allows local users to obtain passwords by reading the file...
CVE-2006-4537
NET$SESSIONCONTROL.EXE in DECnet-Plus in OpenVMS ALPHA 7.3-2 and Alpha 8.2 writes a password to an audit log file when there is a successful connection after a "network breakin" event, which allows local users to obtain passwords by reading the file...
CVE-2006-4537
In DECnet-Plus on OpenVMS ALPHA 7.3-2 and 8.2, the NET$SESSION_CONTROL.EXE component writes a password to an audit log file after a successful connection following a network breakin, allowing local users to read the file and obtain passwords. This is the stated vulnerability. Patches are availabl...