OpenVMS 5.3/6.2/7.x UCX POP Server Arbitrary File Modification Vulnerability

ID SSV:75675
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00


No description provided by source.


An issue with the UCX POP (Post Office Protocol) server used by OpenVMS has been reported. It is possible for a malicous local user to overwrite arbitrary files on the filesystem by exploiting a vulnerability in the UCX POP server.

$ break_it :== $sys$system:ucx$pop_server.exe
$ break_it -logfile sys$system:I_SHOULDNT_BE_ABLE_TO_WRITE_HERE