| OSVDB ID | Disclosure Date | Title |
|---|
|
14753
Description:
WWIV BBS contains a flaw that may allow a new user to gain elevated privileges. The issue is due to the "auto-validation" feature for new users intended to validate other SYSOPs. It is trivial to provide false information and become instantly validated, potentially getting access to sensitive files or information.
|
1991-11-18
|
WWIV BBS SYSOP Auto-Validation Privilege Escalation
|
|
14754
Description:
By default, WWIV BBS installs with two default passwords. The SYSOP account has a password of "SYSOP" and the !-@NETWORK@-! account has a blank default password which is publicly known and documented. This allows attackers to trivially access the program or system.
|
1991-11-18
|
WWIV BBS Multiple Default Accounts
|
|
45581
Description:
Unknown / Incomplete
|
1991-11-12
|
LOKI Cipher Single Block Hash Mode Equivalent Key Weakness
|
|
88803
Description:
SunOS contains a flaw in fsirand (random number generator) that is due to the program failing to properly randomize information. This may allow an attacker to more easily predict NFS file handles.
|
1991-11-11
|
SunOS fsirand NFS File Handle Prediction Weakness
|
|
88777
Description:
By default, OpenVMS OSI installs with a default password. The osit$default account has no password, which is publicly known and documented. This allows attackers to trivially access the program or system and gain privileged access.
|
1991-11-01
|
OpenVMS OSI Default osit$default Account
|
