| VID |
16130 |
| Severity |
40 |
| Port |
21 |
| Protocol |
TCP |
| Class |
FTP |
| Detailed Description |
The HP-UX FTP server, according to its banner, appears to be at a patch level before PHNE_38458. The ftpd in HP-UX B.11.11 could allow remote attacker to bypass certain security restrictions and gain privileges, caused due to an unspecified error in the ftpd server. An anonymous remote attacker could exploit this vulnerability to gain elevated privileges on the affected host.
* References:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01525562
ftp://us-ffs.external.hp.com/hp-ux_patches/s700_800/11.X/PHNE_38458.txt
http://www.securityfocus.com/advisories/15189
http://secunia.com/advisories/31471
* Platforms Affected:
HP, HP-UX B.11.11 running ftpd |
| Recommendation |
Apply the appropriate patch (PHNE_38458) for your system, as listed in HP Security Bulletin HPSBUX02356 SSRT080051 rev.1 at http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01525562 |
| Related URL |
CVE-2008-1668 (CVE) |
| Related URL |
30666 (SecurityFocus) |
| Related URL |
(ISS) |
|
