OSVDB: Open Sourced Vulnerability Database

Browse Database

Browsing Vulnerabilities Disclosed in 1962

	OSVDB ID	Disclosure Date	Title
	80182 [CLOSE] OSVDB ID : 80182 - Disclosed: 1962-04-02 Description: CTSS contains a flaw related to the time usage tracking functionality. The issue is triggered when a local user sends a XEC * (indirect instruction) command to execute a STZ (store zero) instruction to zero out the time usage value. This is possible because the " cumulative time usage for each account was loaded into the operating system every time the associated user’s core image was swapped into memory." This allowed users to bypass any time restrictions imposed on them by system operators.	1962-04-02	IBM 7094 CTSS Indirect Instruction Cumulative Time Usage Restriction Bypass
	80183 [CLOSE] OSVDB ID : 80183 - Disclosed: 1962-04-02 Description: CTSS contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a user makes an offline printing request for the UACCNT.SECRET file. This file contains the unencrypted passwords for every user on the system. By using the printing feature, and being the first one to the printing cabinet, a user could gain access to the passwords of every user on the system.	1962-04-02	IBM 7094 CTSS M1416 UACCNT.SECRET Offline Printing User Passwords Local Disclosure

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.