[Info-vax] DCL vulnerability write up on The Register
Simon Clubley
clubley at remove_me.eisner.decus.org-Earth.UFP
Sun Feb 18 03:51:20 EST 2018
On 2018-02-17, neillclift at gmail.com <neillclift at gmail.com> wrote:
> On Tuesday, February 6, 2018 at 5:07:40 AM UTC-8, Simon Clubley wrote:
>> The DCL vulnerability now has an article at The Register:
>>
>> https://www.theregister.co.uk/2018/02/06/openvms_vulnerability/
>>
>
> Is this some kind of joke? The article suggests getting from supervisor to
> kernel is something of a big deal when I was doing this 25+ years ago by
> activating a privileged image from supervisor and borrowing its privileges.

No, it's not a joke. The joke is that you can totally compromise VMS
from what should be a non-privileged shell. Anyone who doesn't see this
as a massive problem is completely clueless about today's expected
security standards.

The worst that should have happened in response to my original discovery
of the CDU parsing problem and the related DCL problem was an email saying
"Oops, that's embarrassing. We will fix it in the next release". It should
not have turned into a full blown CVE.

I'm not going to comment on whether this is the issue or whether it's
something else as I promised not to say anything until March and also
because I don't want to give any clues about how many security issues
DCL might have.

If anyone knows of any other ways to totally compromise VMS security
from supervisor mode, I would urge caution about how you release the
details.

Simon.

--
Simon Clubley, clubley at remove_me.eisner.decus.org-Earth.UFP
Microsoft: Bringing you 1980s technology to a 21st century world