OpenVMS Alpha Command Line Overflow Lets Local Users Gain Elevated Privileges
|
|
SecurityTracker Alert ID: 1020827
|
|
SecurityTracker URL: http://securitytracker.com/id?1020827
|
|
CVE Reference: CVE-2008-3947
(Links to External Site)
|
Date: Sep 9 2008
|
Impact: User access via local system
|
Exploit Included: Yes
|
Version(s): 8.3
|
Description: A vulnerability was reported in OpenVMS. A local user can obtain elevated privileges on the target system.
A local user can supply a specially crafted command line entry to execute arbitrary commands on the target system with elevated privileges.
Only
Alpha-based systems are affected.
Claes Nyberg, Christer Oberg, and James Tusini reported this vulnerability.
The original
advisory is available at:
http://deathrow.vistech.net/DEFCON16/VMS.PDF
|
Impact: A local user can obtain elevated privileges on the target system.
|
Solution: No solution was available at the time of this entry.
|
Vendor URL: www.hp.com/ (Links to External Site)
|
Cause: Boundary error
|
Underlying OS: OpenVMS
|
|
Message History:
None.
|
Source Message Contents
|
Date: Mon, 8 Sep 2008 21:47:15 -0400
Subject: OpenVMS
|
http://deathrow.vistech.net/DEFCON16/VMS.PDF
CVE-2008-3947
|
|
