| VID |
16059 |
| Severity |
30 |
| Port |
21 |
| Protocol |
TCP |
| Class |
FTP |
| Detailed Description |
The version of the HPUX ftpd daemon has a memory disclosure vulnerability via a REST command. The REST command is intended to allow the user to restart an upload or download from a previous location. The implementation of the REST command in the FTP server version 1.1.214.4 shipped with HP-UX version 11.00 has a security flaw, which can allow a remote attacker to view the contents of a specific location in process memory. By specifying a specially calculated numeric argument to the command, it is possible to disclose the contents of that numeric location in process memory. This issue may be exploited to disclose the contents of sensitive files, such as /etc/passwd.
* Note: This check solely relied on the version number of the remote FTP server to assess this vulnerability, so this might be a false positive.
* Platforms Affected:
http://www.securityfocus.com/archive/1/323989
http://www.securiteam.com/unixfocus/5VP011PAAE.html
http://archives.neohapsis.com/archives/bugtraq/2003-06/0033.html
* Platforms Affected:
HP-UX 11.00
FTP server version 1.1.214.4 |
| Recommendation |
For HP-UX 11.00, apply the PHNE_21936 patch, available from http://itrc.hp.com |
| Related URL |
(CVE) |
| Related URL |
7825 (SecurityFocus) |
| Related URL |
12195 (ISS) |
|
