| New User, Welcome! Login |
Next Page >>
Open VMS
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01539423
Version: 3
HPSBOV02364 SSRT080078 rev.3 - HP OpenVMS SMGRTL Run Time Library, Local Authorized User, Gain Privileged Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-09-24
Last Updated: 2008-09-24
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01539423
Version: 2
HPSBOV02364 SSRT080078 rev.2 - HP OpenVMS SMGRTL Run Time Library, Local Authorized User, Gain Privileged Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-09-17
Last Updated: 2008-09-17
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01539423
Version: 1
HPSBOV02364 SSRT080078 rev.1 - HP OpenVMS SMGRTL Run Time Library, Local Authorized User, Gain Privileged Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-09-10
Last Updated: 2008-09-10
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01414022
Version: 1
HPSBOV02278 SSRT071479 rev.1 - HP OpenVMS SSH Using TCP/IP Services for OpenVMS, Remote Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-03-27
Last Updated: 2008-03-27
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01174368
Version: 1
HPSBOV02261 SSRT071449 rev.1 - HP OpenVMS running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-09-19
Last Updated: 2007-09-19
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03333494
Version: 1
HPSBOV02780 SSRT100766 rev.1 - HP OpenVMS ACMELOGIN, Local Unauthorized
Access and Increased Privileges
NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01523520
Version: 1
HPSBOV02357 SSRT080058 rev.1 - HP OpenVMS TCP/IP Services running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-08-13
Last Updated: 2008-08-13
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02227261
Version: 1
HPSBOV02539 SSRT090267 rev.1 - HP OpenVMS Auditing, Local Information Disclosure, Elevation of Privilege, Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2010-07-12
Last Updated: 2010-07-12
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02822093
Version: 1
HPSBOV02634 SSRT100390 rev.1 - HP OpenVMS running Java, Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-05-05
Last Updated: 2011-05-05
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02656471
Version: 1
HPSBOV02618 SSRT100354 rev.1 - HP OpenVMS Integrity Servers, Local Denial of Service (DoS), Gain Privileged Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2010-12-14
Last Updated: 2010-12-14
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01961959
Version: 3
HPSBOV02497 SSRT090245 rev.3 - HP TCP/IP Services for OpenVMS Running NTP, Remote Execution of Arbitrary Code, Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2010-05-17
Last Updated: 2010-05-17
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01961959
Version: 2
HPSBOV02497 SSRT090245 rev.2 - HP TCP/IP Services for OpenVMS Running NTP, Remote Execution of Arbitrary Code, Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2010-03-23
Last Updated: 2010-03-26
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02824440
Version: 1
HPSBOV02682 SSRT100495 rev.1 - HP OpenVMS running Kerberos, Remote Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Modification
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-05-05
Last Updated: 2011-05-05
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02824483
Version: 1
HPSBOV02670 SSRT100475 rev.1 - HP OpenVMS running SSL, Remote Denial of Service (DoS), Unauthorized Disclosure of Information, Unauthorized Modification
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-05-05
Last Updated: 2011-05-05
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02824490
Version: 1
HPSBOV02683 SSRT090208 rev.1 - HP Secure Web Server (SWS) for OpenVMS running Apache/PHP, Remote Denial of Service (DoS), Unauthorized Access, Unauthorized Disclosure of Information, Unauthorized Modification
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-05-05
Last Updated: 2011-05-05
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02227287
Version: 1
HPSBOV02540 SSRT090249 rev.1 - HP SSL for OpenVMS, Remote Unauthorized Data Injection, Denial of Service(Dos)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2010-06-16
Last Updated: 2010-06-16
sup bugtraq.
Since a group of lads are giving a talk on Hacking OpenVMS at defcon I figured I'd release a vulnerability in the OpenVMS finger service (part of the MultiNet package) to give people a few days to figure out an exploit before the methods are documented for us by the guys giving the talk. (assume they will be)
The MultiNet finger service runs on port 79 by default (like other finger servers) and takes a username to query. A long string (~250+ or so bytes) will cause
a stack overflow, giving control of a saved return address and hence the program counter (PC). Demonstrated below on a public OpenVMS system..
(hopefully the owners won't mind since they seem to encourage OpenVMS hack attempts on their systems)
-----------
On Aug 6, 2008, at 7:08 PM, Shaun Colley wrote:
>
> sup bugtraq.
>
> Since a group of lads are giving a talk on Hacking OpenVMS at defcon
> I figured I'd release a vulnerability in the OpenVMS finger service
> (part of the MultiNet package) to give people a few days to figure
> out an exploit before the methods are documented for us by the guys
> giving the talk. (assume they will be)
>
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01961959
Version: 4
HPSBOV02497 SSRT090245 rev.4 - HP TCP/IP Services for OpenVMS Running NTP, Remote Execution of Arbitrary Code, Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-09-19
Last Updated: 2011-09-19
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01915145
Version: 1
HPSBOV02470 SSRT080123 rev.1 - HP TCP/IP Services for OpenVMS Running SMTP Server, Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-11-03
Last Updated: 2011-11-03
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01908983
Version: 1
HPSBOV02467 SSRT090152 rev.1 - HP TCP/IP Services for OpenVMS Running POP or IMAP, Remote Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-11-03
Last Updated: 2011-11-03
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01915145
Version: 2
HPSBOV02470 SSRT080123 rev.2 - HP TCP/IP Services for OpenVMS Running SMTP Server, Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-11-14
Last Updated: 2011-11-14
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03281869
Version: 1
HPSBOV02765 SSRT100828 rev.1 - HP OpenVMS, local Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2012-04-16
Last Updated: 2012-04-16
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02002308
Version: 1
HPSBOV02506 SSRT090244 rev.1 - HP Secure Web Server for OpenVMS (based on Apache) CSWS, Remote Denial of Service (DoS), Unauthorized Disclosure of Information, Unauthorized Modification of Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2010-03-23
Last Updated: 2010-03-23
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01835459
Version: 1
HPSBOV02452 SSRT090161 rev.1 - HP TCP/IP Services for OpenVMS BIND Server Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2009-08-06
Last Updated: 2009-08-06
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03281867
Version: 1
HPSBOV02763 SSRT100826 rev.1 - HP Secure Web Server (SWS) for OpenVMS running PHP, Remote Denial of Service (DoS), Unauthorized Access, Privilege escalation, Unauthorized Disclosure of Information, Unauthorized Modification
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2012-04-16
Last Updated: 2012-04-16
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03281831
Version: 1
HPSBOV02762 SSRT100825 rev.1 - HP Secure Web Server (SWS) for OpenVMS running CSWS_JAVA, Remote Denial of Service (DoS), Unauthorized Access, Privilege Escalation, Unauthorized Disclosure of Information, Unauthorized Modification
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2012-04-16
Last Updated: 2012-04-16
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02001423
Version: 1
HPSBOV02505 SSRT100023 rev.1 - HP OpenVMS RMS, Local Escalation of Privilege
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2010-02-02
Last Updated: 2010-02-02
The Networker software versions affected are incorrectly identified.
The following Networker products are affected by this issue:
* NetWorker Server, Storage Node and Client 7.3.x and 7.4, 7.4.1, 7.4.2
* NetWorker Client and Storage Node for Open VMS 7.3.2 ECO6 and earlier
* NetWorker Module for Microsoft Exchange 5.1 and earlier
* NetWorker Module for Microsoft Applications 2.0 and earlier
* NetWorker Module for Meditech 2.0 and earlier
* NetWorker PowerSnap 2.4 SP1 and earlier
GN = HP General SW
MA = HP Management Agents
MI = Misc. 3rd Party SW
MP = HP MPE/iX
NS = HP NonStop Servers
OV = HP OpenVMS
PI = HP Printing & Imaging
ST = HP Storage SW
TL = HP Trusted Linux
TU = HP Tru64 UNIX
UX = HP-UX
Next Page>>
|
|
|
