[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <7241343.1032520177@[10.10.10.146]>
From: iaf at cert.org (Ian A. Finlay)
Subject: iDEFENSE OSF1/Tru64 3.x vuln clarification
Hi KF et al.,
> This was the information CERT STILL has not released... (included in our
> labor day release)
Most of them have been published (see http://www.kb.cert.org/vuls). Some
are still pending, and we will get them out as soon as we can. Thanks again
for reporting these to us Kevin.
VU#612833 08/30/2002 HP Tru64 UNIX "ping" contains locally exploitable
vulnerability (SSRT2229)
VU#846307 08/30/2002 HP Tru64 UNIX "dxsysinfo" contains buffer overflow
(SSRT2275)
VU#693803 08/30/2002 HP Tru64 UNIX "dxpause" contains buffer overflow
(SSRT2275)
VU#584243 08/30/2002 HP Tru64 UNIX "dtsession" contains buffer overflow
(SSRT2282)
VU#320067 08/30/2002 HP Tru64 UNIX "dtterm" contains buffer overflow
(SSRT2280)
VU#408771 08/30/2002 HP Tru64 UNIX "mailcv" contains buffer overflow
(SSRT2193)
VU#506441 08/30/2002 HP Tru64 UNIX ".upd..loader" contains buffer overflow
(SSRT2275)
VU#416427 05/09/2002 HP Tru64 UNIX "deliver" contains buffer overflow
(SSRT2275)
VU#567963 08/30/2002 HP Tru64 UNIX "imapd" contains buffer overflow
(SSRT2275)
VU#531355 08/30/2002 HP Tru64 UNIX "rdist" contains buffer overflow
(SSRT2275)
VU#916443 09/10/2001 HP Tru64 UNIX "msgchk" contains buffer overflow
(SSRT2275)
VU#592515 08/30/2002 HP Tru64 UNIX "inc" contains buffer overflow (SSRT2275)
VU#158499 08/30/2002 HP Tru64 UNIX "csh" contains buffer overflow (SSRT2275)
VU#448987 08/30/2002 HP Tru64 UNIX "uucp" contains buffer overflow
(SSRT2275)
VU#437899 08/30/2002 HP Tru64 UNIX "uux" contains buffer overflow (SSRT2275)
VU#173977 08/30/2002 HP Tru64 UNIX "ps" contains buffer overflow (SSRT2256)
VU#115731 05/22/2002 HP Tru64 UNIX "quot" contains buffer overflow
(SSRT2191)
VU#435611 08/30/2002 HP Tru64 UNIX "at" contains buffer overflow (SSRT2189)
VU#771155 07/19/2002 HP Tru64 UNIX "ipcs" contains buffer overflow
(SSRT0794U)
VU#602009 08/30/2002 HP Tru64 UNIX "binmail" contains buffer overflow
(SSRT0796U)
VU#955065 08/30/2002 HP Tru64 UNIX "lpd" contains buffer overflow (SSRT2275)
VU#651377 08/30/2002 HP Tru64 UNIX "lpr" contains buffer overflow (SSRT2275)
VU#557481 08/30/2002 HP Tru64 UNIX "lpq" contains buffer overflow (SSRT2275)
VU#293305 08/30/2002 HP Tru64 UNIX "lprm" contains buffer overflow
(SSRT2260)
VU#965097 08/30/2002 HP Tru64 UNIX "lpc" contains buffer overflow (SSRT2260)
VU#629289 08/30/2002 HP Tru64 UNIX "traceroute" contains buffer overflow
(SSRT2261)
VU#177067 08/01/2002 HP Tru64 UNIX "passwd" contains buffer overflow
(SSRT2192)
VU#706817 08/31/2002 HP Tru64 UNIX "ypmatch" contains buffer overflow
(SSRT2277)
VU#193347 04/17/2002 HP Tru64 UNIX contains buffer overflow in libc
libraries (SSRT2257)
Regards,
Ian
Internet Systems Security Analyst - CERT/CC Operations
Networked Systems Survivability Program
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
CERT (R) Coordination Center Email: cert@...t.org
Software Engineering Institute WWW: http://www.cert.org
Carnegie Mellon University Hotline: +1-412-268-7090
Pittsburgh, PA USA 15213-3890 FAX: +1-412-268-6989
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Powered by blists - more mailing lists