CVE-2017-17482: Buffer Overflow
First published: Wed Feb 07 2018(Updated: )
An issue was discovered in OpenVMS through V8.4-2L2 on Alpha and through V8.4-2L1 on IA64, and VAX/VMS 4.0 and later. A malformed DCL command table may result in a buffer overflow allowing a local privilege escalation when a non-privileged account enters a crafted command line. This bug is exploitable on VAX and Alpha and may cause a process crash on IA64. Software was affected regardless of whether it was directly shipped by VMS Software, Inc. (VSI), HPE, HP, Compaq, or Digital Equipment Corporation.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| HP OpenVMS | <=8.4-2l1 | |
| HP OpenVMS | <=8.4-2l1 | |
| HP OpenVMS | >=4.0 | |
| HP OpenVMS | >=4.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- vendor/hp
- canonical/hp openvms
- version/hp openvms/8.4-2l1
- version/hp openvms/4.0