[CLOSE] OSVDB ID : 22137 - Disclosed: 1972-10-01

Description:

GCOS-III contains a flaw that may allow a local user to bypass system restrictions. By issuing a crafted sequence to the Assigned GO TO of the TS FOTRAN compiler, it is possible to manipulate the index register value to point to an alternate array. The alternate array could contain instructions that would be executed outside the security envelope.

[CLOSE] OSVDB ID : 22138 - Disclosed: 1972-10-01

Description:

GCOS-III contains a flaw that may allow a local user to gain elevated privileges. The issue is due to the buffer space made available by the caller to the File System (FILSYS) modules not being zeroed out before return to the caller. By supplying a systematic value to the System Master Catalog (SMC), FILESYS would return an error but not zero the buffer, which could disclose sensitive information such as user login and passwords.

[CLOSE] OSVDB ID : 23199 - Disclosed: 1972-01-01

Description:

TENEX contains a flaw that may allow a local attacker to more trivially guess user passwords. By carefully examining the virtual memory paging timing for differential timing for page faults, it is possible to determine if a specific character matched a portion of the password. By performing this timing attack for each character of a password, an attacker could effectively brute force a relatively strong password in a matter of minutes, instead of having to exhaust a majority of the possible password space.