Filtered by vendor Hp
Subscriptions
Filtered by product Openvms
Subscriptions
Total
26 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-17482 | 1 Hp | 1 Openvms | 2024-11-21 | N/A |
An issue was discovered in OpenVMS through V8.4-2L2 on Alpha and through V8.4-2L1 on IA64, and VAX/VMS 4.0 and later. A malformed DCL command table may result in a buffer overflow allowing a local privilege escalation when a non-privileged account enters a crafted command line. This bug is exploitable on VAX and Alpha and may cause a process crash on IA64. Software was affected regardless of whether it was directly shipped by VMS Software, Inc. (VSI), HPE, HP, Compaq, or Digital Equipment Corporation. | ||||
CVE-2012-3277 | 1 Hp | 1 Openvms | 2024-11-21 | N/A |
HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform and 7.3-2, 8.2, 8.3, and 8.4 on the Alpha platform does not properly implement the LOGIN and ACME_SERVER ACMELOGIN programs, which allows remote attackers to cause a denial of service via unspecified vectors. | ||||
CVE-2012-3276 | 1 Hp | 1 Openvms | 2024-11-21 | N/A |
HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform and 7.3-2, 8.2, 8.3, and 8.4 on the Alpha platform does not properly implement the LOGIN and ACME_SERVER ACMELOGIN programs, which allows local users to cause a denial of service via unspecified vectors. | ||||
CVE-2012-2010 | 1 Hp | 1 Openvms | 2024-11-21 | N/A |
The ACMELOGIN implementation in HP OpenVMS 8.3 and 8.4 on the Alpha platform, and 8.3, 8.3-1H1, and 8.4 on the Itanium platform, when the SYS$ACM system service is enabled, allows local users to gain privileges via unspecified vectors. | ||||
CVE-2012-0134 | 1 Hp | 1 Openvms | 2024-11-21 | N/A |
Unspecified vulnerability in HP OpenVMS 7.3-2 on the Alpha platform, 8.3 and 8.4 on the Alpha and IA64 platforms, and 8.3-1h1 on the IA64 platform allows local users to cause a denial of service via unknown vectors. | ||||
CVE-2011-1378 | 2 Hp, Ibm | 2 Openvms, Websphere Mq | 2024-11-21 | N/A |
IBM WebSphere MQ 6.0 on OpenVMS, when the default rights of the MQM group are established, does not properly verify User Authorization File (UAF) data, which allows local users to kill listener processes and the command server via a control command. | ||||
CVE-2010-4110 | 1 Hp | 1 Openvms | 2024-11-21 | N/A |
Unspecified vulnerability in HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform on Integrity servers allows local users to gain privileges or cause a denial of service via unknown vectors. | ||||
CVE-2010-2612 | 1 Hp | 2 Openvms, Openvms For Integrity Servers | 2024-11-21 | N/A |
Unspecified vulnerability in the HP OpenVMS Auditing feature in OpenVMS ALPHA 7.3-2, 8.2, and 8.3; and OpenVMS for Integrity Servers 8.3 AND 8.3-1H1; allows local users to obtain sensitive information via unknown vectors. | ||||
CVE-2010-1973 | 1 Hp | 1 Openvms | 2024-11-21 | N/A |
Unspecified vulnerability in the Auditing subsystem in HP OpenVMS 8.3, 8.2, 7.3-2, and earlier on the ALPHA platform, and 8.3-1H1, 8.3, 8.2-1, and earlier on the Itanium platform, allows local users to gain privileges or obtain sensitive information via unknown vectors. | ||||
CVE-2010-0443 | 1 Hp | 2 Openvms, Openvms Rms | 2024-11-21 | N/A |
Unspecified vulnerability in Record Management Services (RMS) before VMS83A_RMS-V1100 for HP OpenVMS on the Alpha platform allows local users to gain privileges via unknown vectors. | ||||
CVE-2008-5417 | 1 Hp | 2 Decnet Plus For Openvms, Openvms | 2024-11-21 | N/A |
HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha platform uses world-writable permissions for the OSIT$NAMES logical name table, which allows local users to bypass intended access restrictions and modify this table via the (1) SYS$CRELNM and (2) SYS$DELLNM system services. | ||||
CVE-2008-5120 | 1 Hp | 1 Openvms | 2024-11-21 | N/A |
Stack-based buffer overflow in the Process Software MultiNet finger service (aka FINGERD) for HP OpenVMS 8.3 allows remote attackers to execute arbitrary code via a long request string. | ||||
CVE-2008-4052 | 1 Hp | 1 Openvms | 2024-11-21 | N/A |
Stack-based buffer overflow in SMGSHR.EXE in OpenVMS for Integrity Servers 8.2-1, 8.3, and 8.3-1H1 and OpenVMS ALPHA 7.3-2, 8.2, and 8.3 allows local users to cause a denial of service (crash) or gain privileges via unspecified vectors. | ||||
CVE-2008-3947 | 1 Hp | 1 Openvms | 2024-11-21 | N/A |
DCL (aka the CLI) in OpenVMS Alpha 8.3 allows local users to gain privileges via a long command line. | ||||
CVE-2008-3946 | 1 Hp | 1 Openvms | 2024-11-21 | N/A |
The finger client in HP TCP/IP Services for OpenVMS 5.x allows local users to read arbitrary files via a link corresponding to a (1) .plan or (2) .project file. | ||||
CVE-2008-3940 | 1 Hp | 1 Openvms | 2024-11-21 | N/A |
Format string vulnerability in the finger client in HP TCP/IP Services for OpenVMS 5.x allows local users to gain privileges via format string specifiers in a (1) .plan or (2) .project file. | ||||
CVE-2007-5242 | 1 Hp | 1 Openvms | 2024-11-21 | N/A |
Unspecified vulnerability in (1) SYS$EI1000.EXE and (2) SYS$EI1000_MON.EXE in HP OpenVMS 8.3 and earlier allows remote attackers to cause a denial of service (machine crash) via an "oversize" packet, which is not properly discarded if "the device has no remaining buffers after receipt of the first buffer segment." | ||||
CVE-2007-5241 | 1 Hp | 1 Openvms | 2024-11-21 | N/A |
Buffer overflow in NET$CSMACD.EXE in HP OpenVMS 8.3 and earlier allows local users to cause a denial of service (machine crash) via the "MCR MCL SHOW CSMA-CD Port * All" command, which overwrites a Non-Paged Pool Packet. | ||||
CVE-2007-3730 | 1 Hp | 1 Openvms | 2024-11-21 | N/A |
The default configuration of the POP server in TCP/IP Services 5.6 for HP OpenVMS 8.3 does not log the source IP address or attempted username for login attempts, which might help remote attackers to avoid identification. | ||||
CVE-2007-3729 | 1 Hp | 1 Openvms | 2024-11-21 | N/A |
The default configuration of the POP server in TCP/IP Services 5.6 for HP OpenVMS 8.3 generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid POP usernames. |