[Info-vax] String Manipulation
Stephen Hoffman
seaohveh at hoffmanlabs.invalid
Wed Oct 13 12:53:07 EDT 2021
On 2021-10-13 16:30:07 +0000, HCorte said:
> Gona use STR$ELEMENT since allows to split more easly multiple
> substrings, the string will alls be valid since I am the one defining
> that string into a logical name.
Logical names solely translated from privileged modes probably, but
there have been exploits against OpenVMS and apps involving
translations of untrusted translations.
With the knowledge that the exploit referenced in the following SPR
involved faulty logical name translation, which logical name and how
the exploit worked should be obvious...
OPERATING SYSTEM: VAX/VMS V2.1
PRODUCT: VAX/VMS
COMPONENT: LOGINOUT
GRPNAM SECURITY HOLE IN LOGIN
PROBLEM STATEMENT:
The GRPNAM privilege is an evil demon, allowing the user to
invoke its secret entrance for all manner of nefarious
purposes not originally intended.
RESPONSE FROM DEC:
The great wizard VMS confronted the demon, raised his great
oaken staff carved in ancient runes, and spoke the magic
incantation:
"$SETPRV IMAGEACTIVATIONENHANCEDPRIVILEGES $CMKRNL!!"
There was a blinding flash of light and puff of smoke, and
the demon, reduced to harmlessness, scurried off into the
distance.
Where his secret entrance had been was naught but a little
pile of ashes, which the wind slowly drifted into letters
spelling the words "FIXED IN V2.3".
--
Pure Personal Opinion | HoffmanLabs LLC
More information about the Info-vax
mailing list