CVE-2002-1513

HP TCP/IP services for OpenVMS <5.3 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-1513. PoCs published by Mike Riley.

AI-analyzed exploit summary This exploit leverages a vulnerability in the UCX POP server on OpenVMS, allowing a local user to overwrite arbitrary files by manipulating the logfile parameter. The PoC demonstrates this by attempting to write to a restricted system file.

Description

The UCX POP server in HP TCP/IP services for OpenVMS 4.2 through 5.3 allows local users to truncate arbitrary files via the -logfile command line option, which overrides file system permissions because the server runs with the SYSPRV and BYPASS privileges.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Mike Riley · textlocalmultiple
https://www.exploit-db.com/exploits/21856

This exploit leverages a vulnerability in the UCX POP server on OpenVMS, allowing a local user to overwrite arbitrary files by manipulating the logfile parameter. The PoC demonstrates this by attempting to write to a restricted system file.

Classification
Working Poc 90%
Attack Type
Other
Complexity
Trivial
Reliability
Reliable
Target: UCX POP Server on OpenVMS
Auth required
Prerequisites: Local access to the OpenVMS system · UCX POP server installed
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/5790
Patch, Vendor Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/10236.php
Exploit, Patch, Vendor Advisory mailing-list x_refsource_bugtraq
http://online.securityfocus.com/archive/1/293070
Patch, Vendor Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-10/0010.html
Third Party Advisory vendor-advisory x_refsource_compaq
http://archives.neohapsis.com/archives/compaq/2002-q4/0000.html

Scores

EPSS 0.0078
EPSS Percentile 51.4%

Details

Status published
Products (4)
compaq/tcp-ip_services 4.2
compaq/tcp-ip_services 5.0a
compaq/tcp-ip_services 5.1
compaq/tcp-ip_services 5.3
Published Apr 02, 2003
Tracked Since Feb 18, 2026