DigitalCVEs & Vulnerabilities

33 CVEs affecting Digital products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

unix 46osf 1 41ultrix 9digital openvms 1digital openvms axp 1vms 1
CVE-2002-1127HIGH

Buffer overflow in uucp in Compaq Tru64/OSF1 3.x allows local users to execute arbitrary code via a long source (-s) command line parameter.

4 Oct 2002
7.2
CVSS
CVE-2002-1128HIGH

Buffer overflow in inc mail utility for Compaq Tru64/OSF1 3.x allows local users to execute arbitrary code via a long MH environment variable.

4 Oct 2002
7.2
CVSS
CVE-2002-1129HIGHpoc

Buffer overflow in dxterm allows local users to execute arbitrary code via a long -xrm argument.

4 Oct 2002
7.2
CVSS
CVE-2001-0369HIGHpoc

Buffer overflow in lpsched on DGUX version R4.20MU06 and MU02 allows a local attacker to obtain root access via a long command line argument (non-existent printer name).

27 Jun 2001
7.2
CVSS
CVE-2000-0314MEDIUM

traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero.

12 Mar 2001
5.0
CVSS
CVE-2000-0315MEDIUM

traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks.

12 Mar 2001
5.0
CVSS
CVE-2001-0134CRITICAL

Buffer overflow in cpqlogin.htm in web-enabled agents for various Compaq management software products such as Insight Manager and Management Agents allows remote attackers to execute arbitrary commands via a long user name.

12 Mar 2001
10.0
CVSS
CVE-2000-0845MEDIUM

kdebug daemon (kdebugd) in Digital Unix 4.0F allows remote attackers to read arbitrary files by specifying the full file name in the initialization packet.

14 Nov 2000
6.4
CVSS
CVE-1999-0687HIGH

The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.

13 Sep 1999
7.5
CVSS
CVE-1999-0691HIGHpoc

Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.

13 Sep 1999
7.2
CVSS
CVE-1999-0713HIGH

The dtlogin program in Compaq Tru64 UNIX allows local users to gain root privileges.

11 Jun 1999
7.2
CVSS
CVE-1999-0406HIGH

Digital Unix Networker program nsralist has a buffer overflow which allows local users to obtain root privilege.

19 Feb 1999
7.2
CVSS
CVE-1999-0714LOW

Vulnerability in Compaq Tru64 UNIX edauth command.

15 Feb 1999
2.1
CVSS
CVE-1999-0358HIGH

Digital Unix 4.0 has a buffer overflow in the inc program of the mh package.

1 Feb 1999
7.2
CVSS
CVE-1999-1458HIGH

Buffer overflow in at program in Digital UNIX 4.0 allows local users to gain root privileges via a long command line argument.

25 Jan 1999
7.2
CVSS
CVE-1999-1558HIGH

Vulnerability in loginout in Digital OpenVMS 7.1 and earlier allows unauthorized access when external authentication is enabled.

16 Jul 1998
7.5
CVSS
CVE-1999-0303MEDIUM

Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames.

21 May 1998
4.6
CVSS
CVE-1999-1044MEDIUM

Vulnerability in Advanced File System Utility (advfs) in Digital UNIX 4.0 through 4.0d allows local users to gain privileges.

7 May 1998
4.6
CVSS
CVE-1999-0513MEDIUMpoc

ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.

5 Jan 1998
5.0
CVSS
CVE-1999-1210HIGH

xterm in Digital UNIX 4.0B *with* patch kit 5 allows local users to overwrite arbitrary files via a symlink attack on a core dump file, which is created when xterm is called with a DISPLAY environmental variable set to a display that xterm cannot access.

12 Nov 1997
7.2
CVSS
CVE-1999-1225MEDIUM

rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not.

24 Aug 1997
5.0
CVSS
CVE-1999-0046CRITICALpoc

Buffer overflow of rlogin program using TERM environmental variable.

6 Feb 1997
10.0
CVSS
CVE-1999-0170HIGH

Remote attackers can mount an NFS file system in Ultrix or OSF, even if it is denied on the access list.

1 Jan 1997
7.5
CVSS
CVE-1999-0128MEDIUMpoc

Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death.

18 Dec 1996
5.0
CVSS
CVE-1999-1221LOW

dxchpwd in Digital Unix (OSF/1) 3.x allows local users to modify arbitrary files via a symlink attack on the dxchpwd.log file.

17 Nov 1996
2.1
CVSS
CVE-1999-0131HIGH

Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.

11 Sep 1996
7.2
CVSS
CVE-1999-0138HIGH

The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access.

26 Jun 1996
7.2
CVSS
CVE-1999-1103MEDIUM

dxconsole in DEC OSF/1 3.2C and earlier allows local users to read arbitrary files by specifying the file with the -file parameter.

3 Apr 1996
4.6
CVSS
CVE-1999-0073CRITICAL

Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access.

13 Oct 1995
10.0
CVSS
CVE-1999-1032CRITICAL

Vulnerability in LAT/Telnet Gateway (lattelnet) on Ultrix 4.1 and 4.2 allows attackers to gain root privileges.

31 Dec 1991
10.0
CVSS
CVE-1999-1415MEDIUM

Vulnerability in /usr/bin/mail in DEC ULTRIX before 4.2 allows local users to gain privileges.

23 Aug 1991
4.6
CVSS
CVE-1999-1194HIGHpoc

chroot in Digital Ultrix 4.1 and 4.0 is insecurely installed, which allows local users to gain privileges.

1 May 1991
7.2
CVSS
CVE-1999-1057MEDIUM

VMS 4.0 through 5.3 allows local users to gain privileges via the ANALYZE/PROCESS_DUMP dcl command.

25 Oct 1990
4.6
CVSS
← PrevPage 1 / 1Next →