PT-2008-5276 · Hewlett Packard · Hp Tcp/Ip Services For Openvms

Publicado

2008-09-05

Atualizado

2017-08-08

CVE-2008-3946

CVSS v2.0

4.9

Média

Vetor

AV:L/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions HP TCP/IP Services for OpenVMS version 5.x

Description The issue allows local users to read arbitrary files. This is achieved through a link corresponding to a .plan or .project file in the finger client.

Recommendations For HP TCP/IP Services for OpenVMS version 5.x, consider restricting access to the finger client until a fix is available. As a temporary workaround, limit the ability of local users to create links to .plan or .project files.

Correção

Link Following

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-59

Identificadores relacionados

CVE-2008-3946

Produtos afetados

Hp Tcp/Ip Services For Openvms

PT-2008-5276 · Hewlett Packard · Hp Tcp/Ip Services For Openvms

CVE-2008-3946

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3