| OSVDB ID | Disclosure Date | Title |
|---|
|
8752
Description:
(Description Provided by CVE) : Vulnerability in crp in Hewlett Packard Apollo Domain OS SR10 through SR10.3 allows remote attackers to gain root privileges via insecure system calls, (1) pad_$dm_cmd and (2) pad_$def_pfk().
|
1991-12-18
|
HP Apollo crp Multiple System Call Privilege Escalation
|
|
889
Description:
(Description Provided by CVE) : In SunOS, NFS file handles could be guessed, giving unauthorized access to the exported file system.
|
1991-12-06
|
SunOS Predictable NFS Filehandles Filesystem Access
|
|
11540
Description:
(Description Provided by CVE) : The portmapper may act as a proxy and redirect service requests from an attacker, making the request appear to come from the local host, possibly bypassing authentication that would otherwise have taken place. For example, NFS file systems could be mounted through the portmapper despite export restrictions.
|
1991-12-06
|
NFS portmapper localhost Mount Request Restricted Host Access
|
|
14753
Description:
WWIV BBS contains a flaw that may allow a new user to gain elevated privileges. The issue is due to the "auto-validation" feature for new users intended to validate other SYSOPs. It is trivial to provide false information and become instantly validated, potentially getting access to sensitive files or information.
|
1991-11-18
|
WWIV BBS SYSOP Auto-Validation Privilege Escalation
|
|
14754
Description:
By default, WWIV BBS installs with two default passwords. The SYSOP account has a password of "SYSOP" and the !-@NETWORK@-! account has a blank default password which is publicly known and documented. This allows attackers to trivially access the program or system.
|
1991-11-18
|
WWIV BBS Multiple Default Accounts
|
|
45581
Description:
Unknown / Incomplete
|
1991-11-12
|
LOKI Cipher Single Block Hash Mode Equivalent Key Weakness
|
|
88803
Description:
SunOS contains a flaw in fsirand (random number generator) that is due to the program failing to properly randomize information. This may allow an attacker to more easily predict NFS file handles.
|
1991-11-11
|
SunOS fsirand NFS File Handle Prediction Weakness
|
|
88777
Description:
By default, OpenVMS OSI installs with a default password. The osit$default account has no password, which is publicly known and documented. This allows attackers to trivially access the program or system and gain privileged access.
|
1991-11-01
|
OpenVMS OSI Default osit$default Account
|
|
57727
Description:
Unknown / Incomplete
|
1991-10-17
|
IBM AIX TFTP Daemon Unspecified Issue
|
|
45106
Description:
Unknown / Incomplete
|
1991-10-15
|
MD4 Algorithm Hash Function Collision Cryptanalysis Weakness
|
|
8069
Description:
TFTP is not running in a restricted directory allowing a remote attacker to access sensitive information such as password files.
|
1991-09-27
|
TFTP Unrestricted Directory Instance Arbitrary File Access
|
|
8741
Description:
(Description Provided by CVE) : Vulnerability in integer multiplication emulation code on SPARC architectures for SunOS 4.1 through 4.1.2 allows local users to gain root access or cause a denial of service (crash).
|
1991-09-19
|
SunOS Integer Multiplication Emulation Code Local Privilege Escalation (Divide-by-Zero)
|
|
88802
Description:
BSD ships an rdist binary that contains a flaw as the program creates temporary files insecurely. It is possible for a local attacker to use a symlink attack against an unspecified file to cause a race condition which may allow them to modify their own permissions in order to gain escalated privileges via access to an arbitrary file.
|
1991-09-11
|
BSD rdist Symlink Race Condition Arbitrary File Permission Modification Local Privilege Escalation
|
|
88801
Description:
Encore ships an rdist binary that contains a flaw as the program creates temporary files insecurely. It is possible for a local attacker to use a symlink attack against an unspecified file to cause a race condition which may allow them to modify their own permissions in order to gain escalated privileges via access to an arbitrary file.
|
1991-09-11
|
Encore rdist Symlink Race Condition Arbitrary File Permission Modification Local Privilege Escalation
|
|
88800
Description:
CCI PowerNode ships an rdist binary that contains a flaw as the program creates temporary files insecurely. It is possible for a local attacker to use a symlink attack against an unspecified file to cause a race condition which may allow them to modify their own permissions in order to gain escalated privileges via access to an arbitrary file.
|
1991-09-11
|
CCI PowerNode rdist Symlink Race Condition Arbitrary File Permission Modification Local Privilege Escalation
|
|
88799
Description:
IBM AIX ships an rdist binary that contains a flaw as the program creates temporary files insecurely. It is possible for a local attacker to use a symlink attack against an unspecified file to cause a race condition which may allow them to modify their own permissions in order to gain escalated privileges via access to an arbitrary file.
|
1991-09-11
|
IBM AIX rdist Symlink Race Condition Arbitrary File Permission Modification Local Privilege Escalation
|
|
88798
Description:
SunOS ships an rdist binary that contains a flaw as the program creates temporary files insecurely. It is possible for a local attacker to use a symlink attack against an unspecified file to cause a race condition which may allow them to modify their own permissions in order to gain escalated privileges via access to an arbitrary file.
|
1991-09-11
|
SunOS rdist Symlink Race Condition Arbitrary File Permission Modification Local Privilege Escalation
|
|
9719
Description:
(Description Provided by CVE) : The default configuration of NCSA Telnet package for Macintosh and PC enables FTP, even though it does not include an "ftp=yes" line, which allows remote attackers to read and modify arbitrary files.
|
1991-09-10
|
NCSA Telnet Package FTP Enable Arbitrary File Modification
|
|
8749
Description:
(Description Provided by CVE) : Vulnerability in /usr/bin/mail in DEC ULTRIX before 4.2 allows local users to gain privileges.
|
1991-08-24
|
Ultrix /usr/bin/mail Local Privilege Escalation
|
|
57744
Description:
Unknown / Incomplete
|
1991-08-23
|
SunOS NIS Predictable Domainname Remote Privilege Escalation
|
|
57479
Description:
Unknown / Incomplete
|
1991-08-21
|
IBM AFS RX Connection Peer Connection Structure IP Injection MiTM Weakness
|
|
9020
Description:
(Description Provided by CVE) : lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times.
|
1991-08-19
|
Multiple Vendor lpr 1000x Symlink Arbitrary File Create/Overwrite
|
|
45179
Description:
Unknown / Incomplete
|
1991-08-11
|
BassOmatic Algorithm Multiple Unspecified Cryptanalysis Weaknesses
|
|
52418
Description:
Unknown / Incomplete
|
1991-08-11
|
REDOC II Algorithm Differential Attack Cryptanalysis Weakness
|
|
888
Description:
(Description Provided by CVE) : Vulnerability in LAT/Telnet Gateway (lattelnet) on Ultrix 4.1 and 4.2 allows attackers to gain root privileges.
|
1991-08-01
|
Ultrix LAT/Telnet Gateway (/usr/etc/telnetd.gw) Local Privilege Escalation
|
|
17065
Description:
Unknown / Incomplete
|
1991-07-28
|
KSH suid_exec Unspecified File Permission Check Issue
|
|
17066
Description:
Unknown / Incomplete
|
1991-07-28
|
KSH suid_exec Unspecified Interpreter Verification Issue
|
|
25087
Description:
Unknown / Incomplete
|
1991-06-01
|
Empire Server decl Command Remote DoS
|
|
17277
Description:
SunOS lpd contains a flaw that may allow a malicious local user to overwrite or delete arbitrary files on the system. The issue is due to the program not checking user input and creating files insecurely. It is possible for a user to use lpd to manipulate arbitrary files, resulting in a loss of availability.
|
1991-05-31
|
SunOS lpd Arbitrary File Deletion
|
|
25088
Description:
Unknown / Incomplete
|
1991-05-25
|
Empire Server flash Remote DoS
|
|
887
Description:
(Description Provided by CVE) : Vulnerability in login in AT&T System V Release 4 allows local users to gain privileges.
|
1991-05-23
|
Unix SysV R4 /bin/login Unspecified Local Privilege Escalation
|
|
88797
Description:
SunOS contains a flaw that leads to unauthorized privileges being gained. The issue is due to insecure permissions being set for /dev/fd, which may allow a local attacker to add a setuid bit to any file or create a new device with escalated permissions when a floppy is mounted.
|
1991-05-09
|
SunOS /dev/fd Floppy Permission Weakness Local Privilege Escalation
|
|
885
Description:
(Description Provided by CVE) : chroot in Digital Ultrix 4.1 and 4.0 is insecurely installed, which allows local users to gain privileges.
|
1991-05-01
|
Ultrix /usr/bin/chroot Local Privilege Escalation
|
|
886
Description:
(Description Provided by CVE) : The "me" user in NeXT NeXTstep 2.1 and earlier has wheel group privileges, which could allow the me user to use the su command to become root.
|
1991-05-01
|
NeXTstep me Account Group Privilege Escalation
|
|
12951
Description:
(Description Provided by CVE) : The installation of Sun Source (sunsrc) tapes allows local users to gain root privileges via setuid root programs (1) makeinstall or (2) winstall.
|
1991-05-01
|
Sun Source (sunsrc) makeinstall Local Privilege Escalation
|
|
12952
Description:
(Description Provided by CVE) : The installation of Sun Source (sunsrc) tapes allows local users to gain root privileges via setuid root programs (1) makeinstall or (2) winstall.
|
1991-05-01
|
Sun Source (sunsrc) winstall Local Privilege Escalation
|
|
88796
Description:
SunOS contains a flaw in the Loopback Filesystem (LOFS). This issue may allow an attacker to delete arbitrary read-only files due to a flaw in the file system's handling of file ownership.
|
1991-04-25
|
SunOS Loopback FileSystem (LOFS) Arbitrary Read-only File Deletion
|
|
8106
Description:
rdist contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when the IFS variable is modified which may allow a user to set arbitrary local programs SUID. This flaw may lead to a loss of confidentiality and integrity.
|
1991-04-23
|
Multiple UNIX Vendor rdist popen IFS Variable Privilege Escalation
|
|
45105
Description:
Unknown / Incomplete
|
1991-04-09
|
FEAL-N Algorithm Differential Chosen-plaintext Attack Cryptanalysis Weakness
|
|
45104
Description:
Unknown / Incomplete
|
1991-04-09
|
FEAL-NX Algorithm Differential Chosen-plaintext Attack Cryptanalysis Weakness
|
