[Info-vax] VSI strategy for OpenVMS
Simon Clubley
clubley at remove_me.eisner.decus.org-Earth.UFP
Fri Sep 17 23:03:06 EDT 2021
On 2021-09-17, abrsvc <dansabrservices at yahoo.com> wrote:
>
>>
>> Everyone here knows about the DCL CVE and the fact it was directly
>> exploitable on VAX and Alpha (and causes a crash on Itanium, so it
>> was an open question about whether someone with sufficient skills
>> and knowledge could do mischief on Itanium).
>>
>> What you may have forgotten is that a few months before that, I had
>> found another way to crash DCL by stuffing the recall buffer full
>> of binary data. That earlier attempt also caused a crash, but it was
>> not exploitable so nobody had to worry about it from a system compromise
>> point of view.
>
> But, both cases required being logged into an account correct?
>
Yes Dan, they did.
> This is different that an external attach not requiring access.
>
In some ways yes, no other ways no.
The point of bringing up those two examples was to demonstrate to
Arne, once and for all, that two different crashes in the same piece
of software (DCL) had very different outcomes depending on whether
you could get attacker-controlled code to execute.
That difference holds true regardless of whether the crash is in
a locally accessed piece of software (as in my case) or whether
the crash is triggered remotely across the network.
> So answer this: If OpenVMS is running on a VM and the VM is compromised, is the problem with OpenVMS or with the VM?
The VM, provided that the guest VMS instance was not missing
mitigations present in other operating systems that would have
constrained the severity of the compromise.
> If OpenVMS is running on bare metal, would you expect external vulnerabilities?
Yes, Dan, yes I most certainly would.
And it's a sad commentary on the state of hardware these days that
the reason I am so sure about this is because it has already happened
to other operating systems:
https://en.wikipedia.org/wiki/Intel_Management_Engine#Security_vulnerabilities
Try not to get too depressed when you read the above and think about
the implications. :-(
Simon.
--
Simon Clubley, clubley at remove_me.eisner.decus.org-Earth.UFP
Walking destinations on a map are further away than they appear.
More information about the Info-vax
mailing list