Description
The finger client in HP TCP/IP Services for OpenVMS 5.x allows local users to read arbitrary files via a link corresponding to a (1) .plan or (2) .project file.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/45135
Various Sources x_refsource_misc
http://deathrow.vistech.net/DEFCON16/VMS.PDF
Scores
EPSS
0.0006
EPSS Percentile
20.3%
Details
CWE
CWE-59
Status
published
Products (1)
hp/openvms
5
Published
Sep 05, 2008
Tracked Since
Feb 18, 2026