CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Compaq » Tru64 : Security Vulnerabilities Published In 2002

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2002-2071 DoS 2002-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Compaq Tru64 4.0 d allows remote attackers to cause a denial of service in (1) telnet, (2) FTP, (3) ypbind, (4) rpc.lockd, (5) snmp, (6) ttdbserverd, and possibly other services via a TCP SYN scan, as demonstrated using nmap.
2 CVE-2002-2004 DoS 2002-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
portmapper in Compaq Tru64 4.0G and 5.0A allows remote attackers to cause a denial of service via a flood of packets.
3 CVE-2002-2003 2002-12-31 2008-09-05
5.0
None Remote Low Not required Partial None None
ypbind in Compaq Tru64 4.0F, 4.0G, 5.0A, 5.1 and 5.1A allows remote attackers to cause the process to core dump via certain network packets generated by nmap.
4 CVE-2002-2002 Exec Code Overflow 2002-12-31 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in libc in Compaq Tru64 4.0F, 5.0, 5.1 and 5.1A allows attackers to execute arbitrary code via long (1) LANG and (2) LOCPATH environment variables.
5 CVE-2002-1202 2002-10-28 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Unknown vulnerability in routed for HP Tru64 UNIX V4.0F through V5.1A allows local and remote attackers to read arbitrary files.
6 CVE-2002-1129 Exec Code Overflow 2002-10-04 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in dxterm allows local users to execute arbitrary code via a long -xrm argument.
7 CVE-2002-0816 Overflow +Priv 2002-08-12 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in su in Tru64 Unix 5.x allows local users to gain root privileges via a long username and argument.
8 CVE-2002-0679 Exec Code Overflow 2002-09-05 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.
9 CVE-2002-0678 2002-07-23 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.
10 CVE-2002-0677 +Priv 2002-07-23 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.
11 CVE-2002-0093 Exec Code Overflow 2002-09-05 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in ipcs for HP Tru64 UNIX 4.0f through 5.1a may allow attackers to execute arbitrary code, a different vulnerability than CVE-2001-0423.
Total number of vulnerabilities : 11   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.