Oval Definition:
oval:org.mitre.oval:def:1276
Revision Date
:
2008-08-04
Version
:
20
Title
:
HP-UX ftpd Remote Unauthorized Data Access
Description
:
The FTP server in HP-UX 10.20, B.11.00, and B.11.11, allows remote attackers to list arbitrary directories as root by running the LIST command before logging in.
Family
:
unix
Class
:
vulnerability
Status
:
ACCEPTED
Reference(s)
:
CVE-2005-3296
Platform(s)
:
HP-UX 11
Product(s)
:
Definition Synopsis
Criteria meets HP Security Bulletin HPSBUX02071
HP Release B.11.04
AND
InternetSrvcs.INETSVCS-RUN is installed
AND
NOT
Patch PHNE_24395 is installed
OR
Criteria meets HP Security Bulletin HPSBUX02071
HP Release B.11.00
AND
InternetSrvcs.INETSVCS-RUN is installed
AND
NOT
Patch PHNE_23949 is installed
BACK