Vulnerability Description
HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha platform uses world-writable permissions for the OSIT$NAMES logical name table, which allows local users to bypass intended access restrictions and modify this table via the (1) SYS$CRELNM and (2) SYS$DELLNM system services.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hp | Decnet Plus For Openvms | 8.3 |
| Hp | Openvms | 8.3 |
Related Weaknesses (CWE)
References
- ftp://ftp.itrc.hp.com/openvms_patches/alpha/V8.3/AXP_DNVOSIECO03-V83.txt
- http://secunia.com/advisories/33028Vendor Advisory
- http://securitytracker.com/id?1021364
- ftp://ftp.itrc.hp.com/openvms_patches/alpha/V8.3/AXP_DNVOSIECO03-V83.txt
- http://secunia.com/advisories/33028Vendor Advisory
- http://securitytracker.com/id?1021364
FAQ
What is CVE-2008-5417?
CVE-2008-5417 is a vulnerability with a CVSS score of 2.1 (LOW). HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha platform uses world-writable permissions for the OSIT$NAMES logical name table, which allows local users to bypass intended access restrictions...
How severe is CVE-2008-5417?
CVE-2008-5417 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-5417?
Check the references section above for vendor advisories and patch information. Affected products include: Hp Decnet Plus For Openvms, Hp Openvms.