CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Compaq » Tru64 » 4.0f * * * : Security Vulnerabilities

Cpe Name:cpe:2.3:o:compaq:tru64:4.0f:*:*:*:*:*:*:*
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2003-0914 2003-12-15 2018-10-30
4.3
None Remote Medium Not required None Partial None
ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.
2 CVE-2003-0694 Exec Code Overflow 2003-10-06 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
3 CVE-2003-0201 Exec Code Overflow 2003-05-05 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.
4 CVE-2003-0196 DoS Exec Code Overflow 2003-05-05 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201.
5 CVE-2003-0161 DoS Exec Code Overflow 2003-04-02 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.
6 CVE-2002-2003 2002-12-31 2008-09-05
5.0
None Remote Low Not required Partial None None
ypbind in Compaq Tru64 4.0F, 4.0G, 5.0A, 5.1 and 5.1A allows remote attackers to cause the process to core dump via certain network packets generated by nmap.
7 CVE-2002-2002 Exec Code Overflow 2002-12-31 2011-03-08
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in libc in Compaq Tru64 4.0F, 5.0, 5.1 and 5.1A allows attackers to execute arbitrary code via long (1) LANG and (2) LOCPATH environment variables.
8 CVE-2002-1129 Exec Code Overflow 2002-10-04 2016-10-18
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in dxterm allows local users to execute arbitrary code via a long -xrm argument.
9 CVE-2002-0816 Overflow +Priv 2002-08-12 2016-10-18
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in su in Tru64 Unix 5.x allows local users to gain root privileges via a long username and argument.
10 CVE-2002-0679 Exec Code Overflow 2002-09-05 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.
11 CVE-2002-0678 2002-07-23 2018-10-30
7.2
None Local Low Not required Complete Complete Complete
CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.
12 CVE-2002-0677 +Priv 2002-07-23 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.
13 CVE-2002-0093 Exec Code Overflow 2002-09-05 2011-03-08
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in ipcs for HP Tru64 UNIX 4.0f through 5.1a may allow attackers to execute arbitrary code, a different vulnerability than CVE-2001-0423.
14 CVE-2001-1093 Exec Code Overflow 2001-09-10 2017-12-19
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in msgchk in Digital UNIX 4.0G and earlier allows local users to execute arbitrary code via a long command line argument.
15 CVE-2001-1092 2001-09-10 2017-12-19
2.1
None Local Low Not required Partial None None
msgchk in Digital UNIX 4.0G and earlier allows a local user to read the first line of arbitrary files via a symlink attack on the .mh_profile file.
Total number of vulnerabilities : 15   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.