[Info-vax] HP OpenVMS, local Denial of Service - HP Security Bulletin
JF Mezei
jfmezei.spamnot at vaxination.ca
Fri Apr 20 15:32:26 EDT 2012
Jeff Goodwin wrote:
> I would hope that HP would not be releasing information on how
> non-privileged users could easily crash systems.
Now that patches are only for customers on paid support, then it is to
HP's advantage to publish the vulnerability. Those who aren't paying for
support will see their system crash all the time because of users
issuing that command.
Saying that it was related to SET.EXE and causes system to crash would
have been enough in my opinion. This tells you it is a command available
to everyone, that it is not internet related and not really a "denial of
service" type of attack.
More information about the Info-vax
mailing list