Unrated severityNVD Advisory· Published Apr 2, 2003· Updated Apr 16, 2026

CVE-2002-1513

Description

The UCX POP server in HP TCP/IP services for OpenVMS 4.2 through 5.3 allows local users to truncate arbitrary files via the -logfile command line option, which overrides file system permissions because the server runs with the SYSPRV and BYPASS privileges.

Affected products

Compaq/Tcp Ip Services4 versions
cpe:2.3:o:compaq:tcp-ip_services:4.2:*:openvms:*:*:*:*:*+ 3 more
- cpe:2.3:o:compaq:tcp-ip_services:4.2:*:openvms:*:*:*:*:*
- cpe:2.3:o:compaq:tcp-ip_services:5.0a:*:openvms:*:*:*:*:*
- cpe:2.3:o:compaq:tcp-ip_services:5.1:*:openvms:*:*:*:*:*
- cpe:2.3:o:compaq:tcp-ip_services:5.3:*:openvms:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

archives.neohapsis.com/archives/bugtraq/2002-10/0010.htmlnvdPatchVendor Advisory
www.iss.net/security_center/static/10236.phpnvdPatchVendor Advisory
online.securityfocus.com/archive/1/293070nvdExploitPatchVendor Advisory
www.securityfocus.com/bid/5790nvdExploitPatchVendor Advisory
archives.neohapsis.com/archives/compaq/2002-q4/0000.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000