icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

HP-UX ftpd glob() Expansion STAT Command Remote Overflow

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

A buffer overflow in FTP server in HPUX 11 and previous allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which uses glob to generate long strings.

Solution

Upgrade or patch according to vendor recommendations.