THE MUCH TOUTED invulnerability of the VMS operating system has received a knock after Akita Security found a bug in the UCX pop server.
That, according to the firm in an advisory, which you can find here, can allow users to overwrite "any file on the system" with a zero byte file.
The advisory adds that because UCX is popular, the problem will be widespread in OpenVMS installations.
The problem is discussed in detail on the comp.os.vms list, but many users are irate that although there is a patch for the problem, no official announcement has been made.
One user told the INQUIRER that because of this, it was entirely possible that many OpenVMS users were opening their systems to a vulnerability because they didn"t read Usenet, but hadn"t been officially told.
The Akita note says that it is investigating other vulnerabilities in OpenVMS, which is generally considered to be one of the most robust OSes on the planet.