Lucene search
K
HpOpenvms

22 matches found

CVE
CVE
added 2012/12/13 11:0 a.m.59 views

CVE-2012-3276

The CVE-2012-3276 entry affects HP OpenVMS on Itanium (8.3, 8.3-1H1, 8.4) and Alpha (7.3-2, 8.2, 8.3, 8.4). The issue is a flaw in the LOGIN and ACME_SERVER ACMELOGIN implementations that can allow a local user to cause a Denial of Service. The vulnerability is characterized as local (AV:L, AC:L)...

2.1CVSS6.4AI score0.00486EPSS
CVE
CVE
added 2012/12/13 11:0 a.m.55 views

CVE-2012-3277

CVE-2012-3277 affects HP OpenVMS on Itanium (V8.3, V8.3-1H1, V8.4) and Alpha (V7.3-2, V8.2, V8.3, V8.4). The issue arises from improper implementation of LOGIN and ACME_SERVER ACMELOGIN, enabling remote attackers to cause a Denial of Service via unspecified vectors. HP’s Security Bulletin HPSBOV0...

5CVSS6.8AI score0.0235EPSS
CVE
CVE
added 2007/07/12 5:0 p.m.54 views

CVE-2007-3730

The CVE-2007-3730 issue affects HP OpenVMS TCP/IP Services 5.6 (POP server) where the default configuration fails to log the source IP address and attempted username for login attempts. This logging deficiency could help remote attackers remain anonymous or avoid identification when probing or at...

5CVSS6.7AI score0.01934EPSS
CVE
CVE
added 2007/10/06 4:0 p.m.53 views

CVE-2007-5241

CVE-2007-5241 affects HP OpenVMS 8.3 and earlier. A buffer overflow in NET$CSMACD.EXE is triggered by the command “MCR MCL SHOW CSMA-CD Port * All,” allowing local users to cause a denial of service (machine crash) by overwriting a Non-Paged Pool Packet. The description confirms the vulnerable co...

5CVSS6.5AI score0.02434EPSS
CVE
CVE
added 2007/01/09 11:0 a.m.52 views

CVE-2007-0139

The CVE-2007-0139 entry concerns DECnet-Plus 7.3-2 (OpenVMS ALPHA) and DECnet/OSI 7.3 (OpenVMS VAX). A vulnerability permits attackers to obtain unintended privileged access to data and system resources via unspecified vectors affecting components such as CTF$UI.EXE, CTF$MESSAGES.EXE, CTF$HELP.HL...

7.5CVSS6.4AI score0.02131EPSS
CVE
CVE
added 2006/07/18 9:0 p.m.50 views

CVE-2006-3686

Technical details about CVE-2006-3686 are not publicly provided in the supplied documents. Monitor for updates from official advisories.

5CVSS6.6AI score0.02492EPSS
CVE
CVE
added 2008/09/05 3:0 p.m.50 views

CVE-2008-3940

CVE-2008-3940 describes a format string vulnerability in the finger client of HP TCP/IP Services for OpenVMS 5.x. Local users can gain privileges by supplying crafted content in either the ".plan" or the ".project" file, exploiting format string specifiers. The vulnerability affects the finger cl...

4.4CVSS6.5AI score0.00379EPSS
CVE
CVE
added 2008/11/18 12:0 a.m.50 views

CVE-2008-5120

CVE-2008-5120 describes a stack-based buffer overflow in the Process Software MultiNet finger service (FINGERD) used by HP OpenVMS 8.3. The overflow occurs via a long request string, enabling remote attackers to execute arbitrary code. The vulnerability is associated with the finger service compo...

10CVSS8.1AI score0.09932EPSS
CVE
CVE
added 2007/05/02 10:0 p.m.49 views

CVE-2007-2468

HP OpenVMS for Integrity Servers versions 8.2-1 and 8.3 are affected by an unspecified local vulnerability that allows a non-privileged user to cause a denial of service (crash) via Program actions relating to exceptions. The description does not provide details on root cause, vulnerable componen...

4.9CVSS6.3AI score0.00517EPSS
CVE
CVE
added 2007/10/06 4:0 p.m.49 views

CVE-2007-5242

HP OpenVMS 8.3 and earlier contain an unspecified vulnerability in SYS$EI1000.EXE and SYS$EI1000_MON.EXE that allows remote attackers to cause a denial of service (machine crash) via an oversize packet. The issue arises because the oversize packet is not properly discarded when the device has no ...

4.3CVSS6.8AI score0.02099EPSS
CVE
CVE
added 2010/07/22 1:0 a.m.49 views

CVE-2010-1973

CVE-2010-1973 affects HP OpenVMS (ALPHA: 7.3-2, 8.2, 8.3; Itanium: 8.2-1, 8.3-1H1, 8.3) in the Auditing subsystem. The vulnerability allows local users to gain privileges or obtain sensitive information via unknown vectors. HP’s Security Bulletin HPSBOV02539 lists potential local information disc...

6.8CVSS6.3AI score0.00278EPSS
CVE
CVE
added 2012/05/18 8:0 p.m.47 views

CVE-2012-2010

The CVE-2012-2010 vulnerability affects HP OpenVMS where the ACMELOGIN implementation (SYS$ACM) on Alpha and Itanium platforms can be exploited locally to gain privileges. Affected versions are OpenVMS Alpha v8.3/v8.4 and Itanium v8.3, v8.3-1H1, and v8.4, with the SYS$ACM system service enabled. ...

6.9CVSS6.7AI score0.00391EPSS
CVE
CVE
added 2018/02/07 3:0 p.m.47 views

CVE-2017-17482

OpenVMS has a local privilege escalation vulnerability CVE-2017-17482 caused by a malformed DCL command table that can trigger a buffer overflow. Affected: OpenVMS on Alpha (V8.4-2L2) and IA64 (V8.4-2L1), and VAX/VMS 4.0 and later. Impact: local privilege escalation for non-privileged users; the ...

7.8CVSS8AI score0.00647EPSS
CVE
CVE
added 2007/07/12 5:0 p.m.44 views

CVE-2007-3729

CVE-2007-3729 affects the POP server in TCP/IP Services 5.6 on HP OpenVMS 8.3. The default configuration causes the server to generate different responses based on whether a provided username is valid, allowing remote attackers to enumerate valid POP usernames via network interaction. The availab...

5CVSS6.7AI score0.02049EPSS
CVE
CVE
added 2010/07/01 9:0 p.m.44 views

CVE-2010-2612

Technical details about CVE-2010-2612 are not publicly provided in the supplied documents; no affected products, vulnerable components, or fixes are specified here. Monitor for updates.

2.1CVSS6AI score0.00469EPSS
CVE
CVE
added 2005/03/07 5:0 a.m.43 views

CVE-2005-0652

Technical details about CVE-2005-0652 (affected products, vulnerable components, root cause, impact) are not publicly available in the supplied documents. Monitor for updates.

2.1CVSS6.7AI score0.00489EPSS
CVE
CVE
added 2007/06/04 5:0 p.m.43 views

CVE-2007-2998

CVE-2007-2998 affects the Pascal run-time library PAS$RTL.EXE on OpenVMS: OpenVMS for Integrity Servers 8.3 (before 20070418) and OpenVMS Alpha 8.3 (before 20070419). The issue is that PAS$RTL.EXE does not properly restore PC and PSL values, which enables local users to trigger a denial of servic...

4.9CVSS6.4AI score0.00488EPSS
CVE
CVE
added 2008/09/05 4:0 p.m.42 views

CVE-2008-3946

The CVE-2008-3946 entry affects the finger client in HP TCP/IP Services for OpenVMS 5.x. The vulnerability enables local users to read arbitrary files by requesting a link corresponding to a .plan or a .project file. This is a local, low-complexity issue with complete confidentiality impact on th...

4.9CVSS6.3AI score0.00562EPSS
CVE
CVE
added 2010/12/22 8:0 p.m.42 views

CVE-2010-4110

HP OpenVMS Integrity Servers on Itanium (HP OpenVMS 8.3, 8.3-1H1, 8.4) is affected by CVE-2010-4110, which enables local users to gain privileged access or cause a DoS due to an unspecified vulnerability in the OS on Integrity systems. The connected HP security bulletin (HPSBOV02618) confirms the...

5.7CVSS6.8AI score0.00284EPSS
CVE
CVE
added 2012/04/19 9:0 p.m.42 views

CVE-2012-0134

CVE-2012-0134 affects HP OpenVMS: local Denial of Service on HP OpenVMS 7.3-2 (Alpha) and 8.3/8.4 (Alpha/IA64), plus 8.3-1h1 (IA64). Root cause unspecified in initial description; HP bulletin lists affected versions and patch kits: VMS732_MUP-V0200 (7.3-2 Alpha), VMS83A_MUP-V0100 (8.3 Alpha), VMS...

4.9CVSS6.3AI score0.00444EPSS
CVE
CVE
added 2008/09/05 4:0 p.m.40 views

CVE-2008-3947

CVE-2008-3947 affects OpenVMS Alpha 8.3 (DCL). Local users can gain privileges via a long command line. CVSSv2 base score 7.2 (HIGH). No remediation or exploit details are provided in the connected documents.

7.2CVSS6.6AI score0.00443EPSS
CVE
CVE
added 2008/09/11 2:0 p.m.37 views

CVE-2008-4052

CVE-2008-4052 describes a stack-based overflow in SMGSHR.EXE on OpenVMS for Integrity Servers (8.2-1, 8.3, 8.3-1H1) and OpenVMS ALPHA (7.3-2, 8.2, 8.3). The underlying issue is a stack-based overflow in SMGSHR.EXE that allows local users to cause a denial of service (crash) or gain privileges via...

7.2CVSS7.1AI score0.0048EPSS