OpenVMS Exception Handling Local Denial of Service Vulnerability
BID:23744
Info
OpenVMS Exception Handling Local Denial of Service Vulnerability
| Bugtraq ID: | 23744 |
| Class: | Unknown |
| CVE: |
CVE-2007-2468 |
| Remote: | No |
| Local: | Yes |
| Published: | May 01 2007 12:00AM |
| Updated: | May 07 2015 05:39PM |
| Credit: | This vulnerability was disclosed by the vendor. |
| Vulnerable: |
HP OpenVMS 8.3 Integrity HP OpenVMS 8.2-1 Integrity |
| Not Vulnerable: | |
Discussion
OpenVMS Exception Handling Local Denial of Service Vulnerability
OpenVMS is prone to a local denial-of-service vulnerability because the operating system fails to handle exceptions properly.
Attackers must have AUDIT privileges to exploit this issue. This privilege is not commonly granted to normal users.
A local attacker can exploit this vulnerability to crash affected computers, denying service to legitimate users.
Few technical details are currently available. We will update this BID as more information emerges.
OpenVMS is prone to a local denial-of-service vulnerability because the operating system fails to handle exceptions properly.
Attackers must have AUDIT privileges to exploit this issue. This privilege is not commonly granted to normal users.
A local attacker can exploit this vulnerability to crash affected computers, denying service to legitimate users.
Few technical details are currently available. We will update this BID as more information emerges.
Exploit / POC
OpenVMS Exception Handling Local Denial of Service Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
OpenVMS Exception Handling Local Denial of Service Vulnerability
Solution:
The vendor has released fixes to address this issue. Please see the references for more information.
HP OpenVMS 8.2-1 Integrity
HP OpenVMS 8.3 Integrity
Solution:
The vendor has released fixes to address this issue. Please see the references for more information.
HP OpenVMS 8.2-1 Integrity
-
HP VMS821I_SYS-V0400.ZIPEXE
ftp://ftp.itrc.hp.com/openvms_patches/i64/V8.2-1/VMS821I_SYS-V0400.ZIP EXE
HP OpenVMS 8.3 Integrity
-
HP VMS83I_SYS-V0200.ZIPEXE
ftp://ftp.itrc.hp.com/openvms_patches/i64/V8.3/VMS83I_SYS-V0200.ZIPEXE
References
OpenVMS Exception Handling Local Denial of Service Vulnerability
References:
References:
- OpenVMS Home Page (HP)
- VMS821I_SYS-V0400 (HP)
- VMS83I_SYS-V0200 (HP)