Vulnerability Details CVE-2008-3940
Format string vulnerability in the finger client in HP TCP/IP Services for OpenVMS 5.x allows local users to gain privileges via format string specifiers in a (1) .plan or (2) .project file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 25.2%
CVSS Severity
CVSS v2 Score 4.4
References
- http://deathrow.vistech.net/DEFCON16/VMS.PDF
- http://secunia.com/advisories/31587
- http://www.securityfocus.com/bid/30948
- http://www.vupen.com/english/advisories/2008/2463
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44752
- http://deathrow.vistech.net/DEFCON16/VMS.PDF
- http://secunia.com/advisories/31587
- http://www.securityfocus.com/bid/30948
- http://www.vupen.com/english/advisories/2008/2463
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44752