PT-2008-5365 · Hewlett Packard · Openvms For Integrity Servers+1
Published
2008-09-11
·
Updated
2017-08-08
·
CVE-2008-4052
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
OpenVMS for Integrity Servers versions 8.2-1 through 8.3-1H1
OpenVMS ALPHA versions 7.3-2 through 8.3
Description
A stack-based buffer overflow issue in SMGSHR.EXE allows local users to cause a denial of service or gain privileges via unspecified vectors.
Recommendations
For OpenVMS for Integrity Servers versions 8.2-1 through 8.3-1H1, update to a version that includes the fix for this issue.
For OpenVMS ALPHA versions 7.3-2 through 8.3, update to a version that includes the fix for this issue.
As a temporary workaround, consider restricting access to SMGSHR.EXE to minimize the risk of exploitation.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Openvms Alpha
Openvms For Integrity Servers