Oval Definition:
oval:org.mitre.oval:def:1439
Revision Date
:
2010-09-20
Version
:
20
Title
:
HP-UX ftpd Remote Unauthorized Data Access (B.11.11)
Description
:
The FTP server in HP-UX 10.20, B.11.00, and B.11.11, allows remote attackers to list arbitrary directories as root by running the LIST command before logging in.
Family
:
unix
Class
:
vulnerability
Status
:
ACCEPTED
Reference(s)
:
CVE-2005-3296
Platform(s)
:
HP-UX 11
Product(s)
:
ftpd
Definition Synopsis
700 Series or 800 Series OS Release 11.11
700 Series OS Release 11.11
700-series HP
AND
HP Release B.11.11
OR
800 Series OS Release 11.11
800-series HP
AND
HP Release B.11.11
AND
InternetSrvcs.INETSVCS-RUN or InternetSrvcs.INET-ENG-A-MAN (B.11.11) is installed
InternetSrvcs.INETSVCS-RUN is installed
OR
InternetSrvcs.INET-ENG-A-MAN is installed
AND
NOT
Patch PHNE_23950 is installed
BACK