Oval Definition:
oval:org.mitre.oval:def:1029
Revision Date
:
2010-09-20
Version
:
19
Title
:
HP-UX ftpd Remote Unauthorized Data Access (B.11.04)
Description
:
The FTP server in HP-UX 10.20, B.11.00, and B.11.11, allows remote attackers to list arbitrary directories as root by running the LIST command before logging in.
Family
:
unix
Class
:
vulnerability
Status
:
ACCEPTED
Reference(s)
:
CVE-2005-3296
Platform(s)
:
HP-UX 11
Product(s)
:
ftpd
Definition Synopsis
InternetSrvcs.INETSVCS-RUN, InternetSrvcs.INET-ENG-A-MAN, or VirtualVaultOS.VVOS-AUX-IA (B.11.04) is installed
InternetSrvcs.INETSVCS-RUN is installed
OR
InternetSrvcs.INET-ENG-A-MAN is installed
OR
VirtualVaultOS.VVOS-AUX-IA is installed
AND
700 Series or 800 Series OS Release 11.04
700 Series OS Release 11.04
700-series HP
AND
HP Release B.11.04
OR
800 Series OS Release 11.04
800-series HP
AND
HP Release B.11.04
AND
NOT
Patch PHNE_24395 is installed
BACK