CVE-2007-0139

Name of the Vulnerable Software and Affected Versions DECnet/OSI versions 7.3 through 7.3-2

Description The issue allows attackers to obtain unintended privileged access to data and system resources. It is related to the following components: (1) [SYSEXE]CTF$UI.EXE, (2) [SYSMSG]CTF$MESSAGES.EXE, (3) [SYSHLP]CTF$HELP.HLB, and (4) [SYSMGR]CTF$STARTUP.COM.

Recommendations For DECnet/OSI versions 7.3 through 7.3-2, consider restricting access to the affected components, such as [SYSEXE]CTF$UI.EXE, [SYSMSG]CTF$MESSAGES.EXE, [SYSHLP]CTF$HELP.HLB, and [SYSMGR]CTF$STARTUP.COM, to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.