HP-UX ftpd glob() Expansion STAT Command Remote Overflow
Critical Nessus Network Monitor Plugin ID 1819
SynopsisThe remote host is vulnerable to a buffer overflow.
DescriptionA buffer overflow in FTP server in HPUX 11 and previous allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which uses glob to generate long strings.
SolutionUpgrade or patch according to vendor recommendations.