VYPR

Unix

by Digital Project

CVEs (18)

  • CVE-1999-0513Jan 5, 1998
    risk 0.09cvss epss 0.70

    ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.

  • CVE-2001-1092Sep 10, 2001
    risk 0.03cvss epss 0.01

    msgchk in Digital UNIX 4.0G and earlier allows a local user to read the first line of arbitrary files via a symlink attack on the .mh_profile file.

  • CVE-2001-0369Jun 27, 2001
    risk 0.03cvss epss 0.01

    Buffer overflow in lpsched on DGUX version R4.20MU06 and MU02 allows a local attacker to obtain root access via a long command line argument (non-existent printer name).

  • CVE-1999-0691Sep 13, 1999
    risk 0.03cvss epss 0.01

    Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.

  • CVE-2000-0314Mar 12, 2001
    risk 0.00cvss epss 0.02

    traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero.

  • CVE-2000-0315Mar 12, 2001
    risk 0.00cvss epss 0.02

    traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks.

  • CVE-2001-0134Mar 12, 2001
    risk 0.00cvss epss 0.04

    Buffer overflow in cpqlogin.htm in web-enabled agents for various Compaq management software products such as Insight Manager and Management Agents allows remote attackers to execute arbitrary commands via a long user name.

  • CVE-2000-0845Nov 14, 2000
    risk 0.00cvss epss 0.01

    kdebug daemon (kdebugd) in Digital Unix 4.0F allows remote attackers to read arbitrary files by specifying the full file name in the initialization packet.

  • CVE-1999-0687Sep 13, 1999
    risk 0.00cvss epss 0.02

    The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.

  • CVE-1999-0713Jun 11, 1999
    risk 0.00cvss epss 0.00

    The dtlogin program in Compaq Tru64 UNIX allows local users to gain root privileges.

  • CVE-1999-0406Feb 19, 1999
    risk 0.00cvss epss 0.00

    Digital Unix Networker program nsralist has a buffer overflow which allows local users to obtain root privilege.

  • CVE-1999-0714Feb 15, 1999
    risk 0.00cvss epss 0.00

    Vulnerability in Compaq Tru64 UNIX edauth command.

  • CVE-1999-0358Feb 1, 1999
    risk 0.00cvss epss 0.00

    Digital Unix 4.0 has a buffer overflow in the inc program of the mh package.

  • CVE-1999-1458Jan 25, 1999
    risk 0.00cvss epss 0.01

    Buffer overflow in at program in Digital UNIX 4.0 allows local users to gain root privileges via a long command line argument.

  • CVE-1999-1044May 7, 1998
    risk 0.00cvss epss 0.00

    Vulnerability in Advanced File System Utility (advfs) in Digital UNIX 4.0 through 4.0d allows local users to gain privileges.

  • CVE-1999-1210Nov 12, 1997
    risk 0.00cvss epss 0.00

    xterm in Digital UNIX 4.0B *with* patch kit 5 allows local users to overwrite arbitrary files via a symlink attack on a core dump file, which is created when xterm is called with a DISPLAY environmental variable set to a display that xterm cannot access.

  • CVE-1999-1221Nov 17, 1996
    risk 0.00cvss epss 0.01

    dxchpwd in Digital Unix (OSF/1) 3.x allows local users to modify arbitrary files via a symlink attack on the dxchpwd.log file.

  • CVE-1999-0073Oct 13, 1995
    risk 0.00cvss epss 0.03

    Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access.