Digital VMS 5.0 up to 5.4.2 Monitor Utility sys$share:spishr.exe privileges management

entryeditHistoryDiffjsonxmlCTI

A vulnerability was found in Digital VMS 5.0 up to 5.4.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file sys$share:spishr.exe of the component Monitor Utility. Upgrading to version 5.4.3 eliminates this vulnerability.

Field06/16/2014 03:31 PM05/17/2018 09:09 AM
vendorDigitalDigital
nameVMSVMS
version5.0/5.0.1/5.0.2/5.1/5.1.1/5.1.2/5.1b/5.2/5.2.1/5.3/5.3.1/5.3.2/5.4/5.4.1/5.4.25.0/5.0.1/5.0.2/5.1/5.1.1/5.1.2/5.1b/5.2/5.2.1/5.3/5.3.1/5.3.2/5.4/5.4.1/5.4.2
componentMonitor UtilityMonitor Utility
filesys$share:spishr.exesys$share:spishr.exe
risk11
historic00
cvss2_vuldb_basescore7.27.2
cvss2_vuldb_tempscore6.36.3
cvss2_vuldb_avLL
cvss2_vuldb_acLL
cvss2_vuldb_auNN
cvss2_vuldb_ciCC
cvss2_vuldb_iiCC
cvss2_vuldb_aiCC
cvss3_meta_basescore8.48.4
cvss3_meta_tempscore8.08.0
cvss3_vuldb_basescore8.48.4
cvss3_vuldb_tempscore8.08.0
date721958400 (11/17/1992)721958400 (11/17/1992)
locationCERT.orgCERT.org
typeAdvisoryAdvisory
urlhttp://www.cert.org/advisories/CA-1992-18.htmlhttp://www.cert.org/advisories/CA-1992-18.html
identifierCA-1992-18CA-1992-18
disputed00
price_0day$0-$5k$0-$5k
nameUpgradeUpgrade
upgrade_version5.4.35.4.3
cveCVE-1999-1395CVE-1999-1395
cve_nvd_published721958400721958400
cve_nvd_summaryvulnerability in monitor utility (sys$share:spishr.exe) in vms 5.0 through 5.4-2 allows local users to gain privileges.vulnerability in monitor utility (sys$share:spishr.exe) in vms 5.0 through 5.4-2 allows local users to gain privileges.
osvdb5933259332
osvdb_titleVMS Monitor Utility (SYS$SHARE:SPISHR.EXE) Local Privilege EscalationVMS Monitor Utility (SYS$SHARE:SPISHR.EXE) Local Privilege Escalation
securityfocus5151
securityfocus_date711763200 (07/22/1992)711763200 (07/22/1992)
securityfocus_classUnknownUnknown
cwe269 (privilege escalation)269 (privilege escalation)
cvss3_vuldb_uiNN
cvss2_vuldb_eNDND
cvss2_vuldb_rlOFOF
cvss2_vuldb_rcNDND
cvss3_vuldb_eXX
cvss3_vuldb_rlOO
cvss3_vuldb_rcXX
cvss3_vuldb_avLL
cvss3_vuldb_acLL
cvss3_vuldb_prNN
cvss3_vuldb_sUU
cvss3_vuldb_cHH
cvss3_vuldb_iHH
cvss3_vuldb_aHH
cvss2_nvd_avL
cvss2_nvd_acL
cvss2_nvd_auN
cvss2_nvd_ciC
cvss2_nvd_iiC
cvss2_nvd_aiC
osvdb_create1256583892

Interested in the pricing of exploits?

See the underground prices here!