HP-UX FTP Daemon PASS Command Remote Format String

critical Nessus Plugin ID 10490

Synopsis

The remote FTP server is affected by a format string stack overwrite vulnerability.

Description

The remote ftp server does not sanitize properly the argument of the PASS command it receives for anonymous accesses.

It may be possible for a remote attacker to gain shell access.

Solution

Patches are available from the vendor.

See Also

http://seclists.org/bugtraq/2000/Aug/79

Plugin Details

Severity: Critical

ID: 10490

File Name: hpux_ftpd.nasl

Version: 1.34

Type: remote

Family: FTP

Published: 8/7/2000

Updated: 1/11/2021

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:hp:hp-ux

Required KB Items: Settings/ParanoidReport

Excluded KB Items: global_settings/supplied_logins_only

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 8/6/2000

Reference Information

CVE: CVE-2000-0699

BID: 1560