OpenVMS POP server HP TCP/IP services allows elevated privileges
|openvms-pop-gain-privileges (10236)||Medium Risk|
OpenVMS could allow a local attacker to gain elevated privileges on the system, caused by a vulnerability in the HP TCP/IP services for OpenVMS POP server. If the OpenVMS POP server is enabled, a local attacker with limited privileges could exploit this vulnerability to gain unauthorized access to restricted files, and possibly gain elevated privileges on the system.
Upgrade to HP TCP/IP Services for OpenVMS version 5.3 and install ECO 1, as listed in Compaq SECURITY BULLETIN SSRT2371. See References.
- Compaq SECURITY BULLETIN SSRT2371: SSRT2371 HP OpenVMS Potential POP server local vulnerability . (From Neohapsis archive)
- Compaq Web site: HP Customer Care.
- BID-5790: OpenVMS UCX POP Server Arbitrary File Modification Vulnerability
- CVE-2002-1513: The UCX POP server in HP TCP/IP services for OpenVMS 4.2 through 5.3 allows local users to truncate arbitrary files via the -logfile command line option, which overrides file system permissions because the server runs with the SYSPRV and BYPASS privileges.
- OSVDB ID: 11089: OpenVMS TCP/IP Services UCX POP Server -logfile Command Arbitrary File Truncation
- HP OpenVMS 4.2
- HP OpenVMS 5.0a
- HP OpenVMS 5.1
- HP OpenVMS 5.3
Oct 01, 2002
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email ignore thisxforceignore this@ignore thisus.ignore thisibm.comignore this