openvms software vulnerabilities
vulnerabilities.aspcode.net
Searching openvms software vulnerabilities
Vulnerabilities in DECnet/OSI for OpenVMS befor
Vulnerabilities
|
privileges
|
DECnet/OSI
|
VAX/VMS
|
systems
|
service
|
OpenVMS
|
before
|
denial
|
users
|
cause
|
allow
|
Alpha
|
local
|
gain
|
AXP
|
DEC
|
Vulnerabilities in DECnet/OSI for OpenVMS before 5.8 on DEC Alpha AXP and VAX/VMS systems allow local users to gain privileges or cause a denial of service.
Vulnerability in loginout in Digital OpenVMS 7.
authentication
|
Vulnerability
|
unauthorized
|
loginout
|
external
|
enabled
|
Digital
|
OpenVMS
|
earlier
|
allows
|
access
|
Vulnerability in loginout in Digital OpenVMS 7.1 and earlier allows unauthorized access when external authentication is enabled.
Vulnerability in DECwindows Motif Server on Ope
Vulnerability
|
unauthorized
|
DECwindows
|
resources
|
through
|
OpenVMS
|
access
|
allows
|
Server
|
users
|
Motif
|
SEVMS
|
Alpha
|
local
|
gain
|
VAX
|
Vulnerability in DECwindows Motif Server on OpenVMS VAX or Alpha 6.2 through 7.3, and SEVMS VAX or Alpha 6.2, allows local users to gain access to unauthorized resources.
ACMS 4.3 and 4.4 in OpenVMS Alpha 7.2 and 7.3 d
privileges
|
attackers
|
properly
|
process
|
OpenVMS
|
allows
|
access
|
Alpha
|
which
|
ACMS
|
data
|
does
|
not
|
use
|
ACMS 4.3 and 4.4 in OpenVMS Alpha 7.2 and 7.3 does not properly use process privileges, which allows attackers to access data.
Unknown vulnerability in HP OpenVMS VAX 7.x and
vulnerability
|
privileged
|
OpenVMS
|
Unknown
|
access
|
allows
|
Alpha
|
files
|
local
|
users
|
VAX
|
Unknown vulnerability in HP OpenVMS VAX 7.x and 6.x and OpenVMS Alpha 7.x or 6.x allows local users to access privileged files.
Unspecified vulnerability in HP OpenVMS Integri
vulnerability
|
Unspecified
|
Integrity
|
service
|
OpenVMS
|
allows
|
denial
|
users
|
cause
|
Alpha
|
local
|
82-1
|
73-2
|
Unspecified vulnerability in HP OpenVMS Integrity 8.2-1 and 8.2, and OpenVMS Alpha 7.3-2 and 8.2, allows local users to cause a denial of service.
Unspecified vulnerability in [SYSEXE]SMPUTIL.EX
[SYSEXE]SMPUTILEXE
|
vulnerability
|
Unspecified
|
"remote
|
service
|
OpenVMS
|
users"
|
allows
|
denial
|
cause
|
local
|
users
|
73-2
|
Unspecified vulnerability in [SYSEXE]SMPUTIL.EXE in HP OpenVMS 7.3-2 allows local users and "remote users" to cause a denial of service (crash).
NET$SESSION_CONTROL.EXE in DECnet-Plus in OpenV
NET$SESSION_CONTROLEXE
|
DECnet-Plus
|
successful
|
connection
|
passwords
|
breakin"
|
password
|
"network
|
OpenVMS
|
reading
|
allows
|
writes
|
obtain
|
which
|
users
|
local
|
event
|
there
|
audit
|
after
|
ALPHA
|
73-2
|
file
|
log
|
NET$SESSION_CONTROL.EXE in DECnet-Plus in OpenVMS ALPHA 7.3-2 and Alpha 8.2 writes a password to an audit log file when there is a successful connection after a "network breakin" event, which allows local users to obtain passwords by reading the file.
Unspecified vulnerability in the DECnet-Plus 7.
vulnerability
|
"unintended
|
DECnet-Plus
|
Unspecified
|
DECnet/OSI
|
resources"
|
privileged
|
attackers
|
feature
|
OpenVMS
|
related
|
vectors
|
system
|
access
|
allows
|
obtain
|
ALPHA
|
73-2
|
data
|
VAX
|
via
|
Unspecified vulnerability in the DECnet-Plus 7.3-2 feature in DECnet/OSI 7.3-2 for OpenVMS ALPHA, and the DECnet-Plus 7.3 feature in DECnet/OSI 7.3 for OpenVMS VAX, allows attackers to obtain "unintended privileged access to data and system resources" via unspecified vectors, related to (1) [SYSEXE]CTF$UI.EXE, (2) [SYSMSG]CTF$MESSAGES.EXE, (3) [SYSHLP]CTF$HELP.HLB, and (4) [SYSMGR]CTF$STARTUP.COM.
Unspecified vulnerability in HP OpenVMS for Int
vulnerability
|
Unspecified
|
Integrity
|
service
|
Servers
|
OpenVMS
|
denial
|
allows
|
cause
|
local
|
users
|
82-1
|
Unspecified vulnerability in HP OpenVMS for Integrity Servers 8.2-1 and 8.3 allows local users to cause a denial of service (crash) via "Program actions relating to exceptions."
The Pascal run-time library (PAS$RTL.EXE) befor
run-time
|
library
|
Pascal
|
The Pascal run-time library (PAS$RTL.EXE) before Wednesday, April 18, 2007 on OpenVMS for Integrity Servers 8.3, and PAS$RTL.EXE before Thursday, April 19, 2007 on OpenVMS Alpha 8.3, does not properly restore PC and PSL values, which allows local users to cause a denial of service (system crash) via certain Pascal code.
The default configuration of the POP server in
configuration
|
depending
|
responses
|
different
|
usernames
|
enumerate
|
attackers
|
generates
|
Services
|
username
|
default
|
whether
|
OpenVMS
|
remote
|
allows
|
TCP/IP
|
server
|
valid
|
which
|
not
|
POP
|
The default configuration of the POP server in TCP/IP Services 5.6 for HP OpenVMS 8.3 generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid POP usernames.
The default configuration of the POP server in
identification
|
configuration
|
attempted
|
attackers
|
Services
|
attempts
|
username
|
address
|
OpenVMS
|
default
|
TCP/IP
|
remote
|
server
|
source
|
might
|
avoid
|
which
|
login
|
does
|
help
|
not
|
log
|
POP
|
The default configuration of the POP server in TCP/IP Services 5.6 for HP OpenVMS 8.3 does not log the source IP address or attempted username for login attempts, which might help remote attackers to avoid identification.
Buffer overflow in NET$CSMACD.EXE in HP OpenVMS
NET$CSMACDEXE
|
overflow
|
earlier
|
OpenVMS
|
service
|
denial
|
allows
|
Buffer
|
cause
|
local
|
users
|
Buffer overflow in NET$CSMACD.EXE in HP OpenVMS 8.3 and earlier allows local users to cause a denial of service (machine crash) via the "MCR MCL SHOW CSMA-CD Port * All" command, which overwrites a Non-Paged Pool Packet.
Unspecified vulnerability in (1) SYS$EI1000.EXE
vulnerability
|
Unspecified
|
Unspecified vulnerability in (1) SYS$EI1000.EXE and (2) SYS$EI1000_MON.EXE in HP OpenVMS 8.3 and earlier allows remote attackers to cause a denial of service (machine crash) via an "oversize" packet, which is not properly discarded if "the device has no remaining buffers after receipt of the first buffer segment."
Software vulnerabilities results 1 to 16 of 16
Page:
1