Detections
Analytics

HP-UX PHNE_23949 : s700_800 11.00 ftpd(1M) and ftp(1) patch

critical Nessus Plugin ID 16577

Synopsis

The remote HP-UX host is missing a security-related patch.

Description

s700_800 11.00 ftpd(1M) and ftp(1) patch :

The remote HP-UX host is affected by multiple vulnerabilities :

 - A potential vulnerability has been identified with HP-UX running ftpd. The vulnerability could be exploited by a remote unauthenticated user to list directories with the privileges of the root user. (HPSBUX02071 SSRT051064)

 - ftpd and ftp incorrectly manage buffers. (HPSBUX00162 SSRT4883)

Solution

Install patch PHNE_23949 or subsequent.

See Also

http://www.nessus.org/u?1aba643e

http://www.nessus.org/u?a8f47fb9

Plugin Details

Severity: Critical

ID: 16577

File Name: hpux_PHNE_23949.nasl

Version: 1.15

Type: local

Published: 2/16/2005

Updated: 1/11/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:hp:hp-ux

Required KB Items: Host/local_checks_enabled, Host/HP-UX/version, Host/HP-UX/swlist

Patch Publication Date: 5/18/2001

Vulnerability Publication Date: 10/19/2005

Reference Information

CVE: CVE-2004-1332, CVE-2005-3296

HP: HPSBUX00162, HPSBUX02071, SSRT051064, SSRT4883, emr_na-c00542740, emr_na-c00898886