Format String Vulnerability in HP TCP/IP Services for OpenVMS
CVE-2008-3940

Currently unrated

Key Information:

Vendor: HP
Status: Openvms
Vendor: CVE Published:; 5 September 2008

Summary

This vulnerability allows local users to escalate privileges through format string specifiers in their .plan or .project files within HP TCP/IP Services for OpenVMS 5.x. By manipulating these files, an attacker can exploit improper handling of input, potentially gaining unauthorized access to higher privilege levels.

References

http://secunia.com/advisories/31587

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2008/2463

vdb-entryx_refsource_VUPEN

https://exchange.xforce.ibmcloud.com/vulnerabilities/44752

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Sep 5, 2008
Vulnerability Reserved
Sep 5, 2008