CVE-2008-5417

low

HPE

CVSS v3 Base Score

2.1

AV:L/AC:L/Au:N/C:N/I:P/A:N

EPSS Score

0.1%

Exploitation probability in 30 days

Top 77% most likely to be exploited

Attack Characteristics

Attack Vector

Local

Attack Complexity

Low

Confidentiality

None

Integrity

Availability

None

Published: December 10, 2008 (6364 days ago)

Last Modified: April 23, 2026

Vendor: HPE

Source: NVD

Description

HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha platform uses world-writable permissions for the OSIT$NAMES logical name table, which allows local users to bypass intended access restrictions and modify this table via the (1) SYS$CRELNM and (2) SYS$DELLNM system services.

CWE

CWE-264

Affected Products

hp decnet plus for openvms

References

🔗 ftp.itrc.hp.com 🔗 secunia.com 🔗 securitytracker.com 🔗 ftp.itrc.hp.com 🔗 secunia.com

CVE-2008-5417

Vulnerability Report

Description

CWE

Affected Products

References