OpenVMS WASD HTTP Server Multiple Vulnerabilities

Critical Nessus Plugin ID 17150


The remote host has an application that may allow arbitrary code execution on the remote system.


According to its banner, the remote host appears to be running WASD HTTP server - a web server for the OpenVMS platform.

The remote version of this software is affected by various vulnerabilities that may allow an attacker to execute arbitrary code on the remote host.


Upgrade to OpenVMS WASD 7.2.4, 8.0.1 or 8.1

Plugin Details

Severity: Critical

ID: 17150

File Name: openvms_wasd_http.nasl

Version: $Revision: 1.11 $

Type: remote

Family: Web Servers

Published: 2005/02/19

Modified: 2011/03/17

Dependencies: 10107

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 2005/11/30

Reference Information

CVE: CVE-2002-1825

BID: 5811

OSVDB: 21288