Hermes Bulletin Board Software allows a remote attacker to gain administrative privileges. The flaw is due to a backdoor coded into the software. By logging in with a specific name, phone number and password, any person can gain full administrative control over the BBS.
Cisco IOS contains a flaw that may allow a malicious user to bypass Access Control Lists. The issue is triggered by a combination of configuration options which combine to affect the way certain ACLs are evaluated. It is possible that the flaw may allow unauthorized network traffic resulting in a loss of confidentiality, integrity, and/or availability.
(Description Provided by CVE) : NFS on SunOS 4.1 through 4.1.2 ignores the high order 16 bits in a 32 bit UID, which allows a local user to gain root access if the lower 16 bits are set to 0, as fixed by the NFS jumbo patch upgrade.
ViSiON-X contains a flaw that may allow a regular user to gain elevated privileges or execute arbitrary programs. The issue is due to the upload Matrix not properly sanitizing file names and storing files in the main BBS directory. An attacker could upload a file named VISION-X.EXE, COMMAND.COM, or COMMAND.EXE which would be executed the next time the BBS was run.
Ultrix contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when /bin/mail is ran from shell-escape. This will allow a local attacker to gain access to any password submitted to su.
NIS contains a flaw that may allow a malicious user to get password files. The issue is due to the insufficient access control for NIS Query. By guessing and requesting a domain name, a remote attacker can collect a password file from the NIS map replied by a NIS server, resulting in a loss of confidentiality, integrity, and/or availability.
(Description Provided by CVE) : SunOS 4.1.2 and earlier allows local users to gain privileges via "LD_*" environmental variables to certain dynamically linked setuid or setgid programs such as (1) login, (2) su, or (3) sendmail, that change the real and effective user ids to the same user.
IBM AIX contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered by an insecure default configuration of UUCP where users can aquire root privileges. This flaw may lead to a loss of confidentiality and/or integrity.
Several Crypto AG machines based on Boris Hagelin's design are known to have a backdoor in the encryption scheme. In 1957, the United States National Security Agency (NSA) brokered a deal with Hagelin allowing them to place a backdoor into the cipher scheme. This allowed the NSA to trivially access secret communications between two devices, as used by the Iranian Islamic regime, Saddam Hussein, Moammar Gadhafi, Ferdinand Marcos, Idi Amin, and even the Vatican. This backdoored access was shared with intelligence agencies in England as well. Not until 1992 was the backdoor finally published.
The finger service provides information about local users in response to queries from remote systems. This information can include login ids (account names), home directory, the type of local shell, the last time the user logged in, and the remote system the user logged in from. This information can be used for further more focused attacks.
KBBS contains a flaw that may allow a regular user to spoof the system operator (SYSOP) email. The issue is due to the bulletin board accepting white space in user names. This may allow a user to create a name that appears to be the same as the system operator (ie: "John Doe " instead of "John Doe"). Email from such a user may appear to be from the legitimate SYSOP and convince other users to execute commands or perform actions they would not otherwise do.
By default, Oblivion/2 installs with a default password. The SYSOP account has a password of "SYSOP" which is publicly known and documented. This allows attackers to trivially access the program or system.
PCBoard contains a flaw that may allow a user to gain elevated privileges. The issue is due to the system not properly sanitizing input to the OP (Open door) command. If the system allows parameters such as /SYSOP, /DEBUG, or /SEC:255, these parameters can be invoked via the OPEN command to gain privileges.
The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO
warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright
holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.