CVE-2002-1513
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
02/04/2003
Last modified:
03/04/2025
Description
The UCX POP server in HP TCP/IP services for OpenVMS 4.2 through 5.3 allows local users to truncate arbitrary files via the -logfile command line option, which overrides file system permissions because the server runs with the SYSPRV and BYPASS privileges.
Impact
Base Score 2.0
4.60
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:compaq:tcp-ip_services:4.2:*:openvms:*:*:*:*:* | ||
| cpe:2.3:o:compaq:tcp-ip_services:5.0a:*:openvms:*:*:*:*:* | ||
| cpe:2.3:o:compaq:tcp-ip_services:5.1:*:openvms:*:*:*:*:* | ||
| cpe:2.3:o:compaq:tcp-ip_services:5.3:*:openvms:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://archives.neohapsis.com/archives/bugtraq/2002-10/0010.html
- http://archives.neohapsis.com/archives/compaq/2002-q4/0000.html
- http://online.securityfocus.com/archive/1/293070
- http://www.iss.net/security_center/static/10236.php
- http://www.securityfocus.com/bid/5790
- http://archives.neohapsis.com/archives/bugtraq/2002-10/0010.html
- http://archives.neohapsis.com/archives/compaq/2002-q4/0000.html
- http://online.securityfocus.com/archive/1/293070
- http://www.iss.net/security_center/static/10236.php
- http://www.securityfocus.com/bid/5790