VID |
16114 |
Severity |
40 |
Port |
69 |
Protocol |
UDP |
Class |
TFTP |
Detailed Description |
The HP Ignite-UX application has a file upload vulnerability in its TFTP service. Hewlett-Packard Ignite-UX is an HP-UX administration toolset for creating disk images to install and restore complete HP-UX systems. HP-UX B.11.00, B.11.11, B.11.22, and B.11.23 running HP Ignite-UX versions before C.6.2.241 could allow a remote attacker to gain access to the file system. Ignite-UX can use a TFTP server to provide anonymous access to configuration data. An error in handling the "add_new_client" command can cause some sections of the TFTP server directory tree to become world-writable. This can be exploited to copy files to or from the file system, or to cause a denial of service (DoS) by filling up available disk space.
* References:
  * http://itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01219
  * http://www.corsaire.com/advisories/c041123-001.txt
  * http://secunia.com/advisories/16456/
  * http://www.securitytracker.com/alerts/2005/Aug/1014711.html
  * http://www.ciac.org/ciac/bulletins/p-277.shtml
* Platforms Affected:
  * HP Ignite-UX versions C.6.2.240 and earlier
  * Hewlett-Packard Company, HP-UX B.11.00
  * Hewlett-Packard Company, HP-UX B.11.11
  * Hewlett-Packard Company, HP-UX B.11.22
  * Hewlett-Packard Company, HP-UX B.11.23 |
Recommendation |
Apply the HP Ignite-UX version C.6.2.241 patches. Hewlett-Packard customers can obtain patches for versions B.11.00, B.11.11, B.11.22, and B.11.23 from the Hewlett-Packard Company Web site at http://www.hp.com/go/softwaredepot (the patch Ignite-UX_All_C.6.2.241.depot contains fixes for all four).
-- OR --
Consider disabling the affected TFTP server if it is not required. Otherwise restrict access to trusted hosts only. |
Related URL |
CVE-2004-0952 (CVE) |
Related URL |
14571 (SecurityFocus) |
Related URL |
21857 (ISS) |