Some unspecified SCADA equipment found in U.S. nuclear power plants contain a flaw that may allow a remote denial of service. The issue is triggered when a certain frequency of portable radio transmissions interfere with systems, causing them to shutdown. This may lead to a situation where critical safety equipment is not available, leading to additional issues in the plant.
Sendmail contains a flaw that may allow a remote attacker to gain access to unauthorized privileges. The issue is triggered when the 'wiz' command is enabled by default, which may allow a remote attacker to gain access to root privileges, resulting in a loss of integrity.
Multiple Unix versions contain a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an unprivileged user is able to access and read the /dev/kmem device content, which will disclose sensitive information such as passwords or email content information resulting in a loss of confidentiality.
Sendmail contains a flaw that may allow a local attacker to gain privileges. The issue occurs when a user is able to 'freeze' the configuration file without having proper ownership of the .fc file. No further details have been provided.
The telnet protocol may allow a remote attacker to gain access to sensitive information. The issue is due to the protocol not encrypting the traffic sent between two machines. This allows an attacker with access to the network to potentially monitor or 'sniff' the traffic. Any information transmitted including logins, passwords and sensitive information may be disclosed to any attacker on the same subnet.
An overflow exists in Sendmail. The smtpmessage functionality fails to properly handle buffer input resulting in an overflow. With a specially crafted request, an attacker can cause the execution of arbitrary code. No further details have been provided.
By default, PCBoard installs with a default password. The SYSOP account has a password of "SYSOP" which is publicly known and documented. This allows attackers to trivially access the program or system.
The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO
warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright
holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.