Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3940

Overview

Vulnerability Score 4.4 4.4
CVE Id CVE-2008-3940
Last Modified 07 Mar 2011 10:11:41
Published 05 Sep 2008 11:08:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3940

Summary

Format string vulnerability in the finger client in HP TCP/IP Services for OpenVMS 5.x allows local users to gain privileges via format string specifiers in a (1) .plan or (2) .project file.

Vulnerable Systems

Application

  • Hp Openvms 5


References

XF - hp-tcpipservices-openvms-code-execution(44752)

VUPEN - ADV-2008-2463

BID - 30948

SECUNIA - 31587

MISC - http://deathrow.vistech.net/DEFCON16/VMS.PDF


Last Updated: 27 May 2016 10:48:20