Oval Definition:
oval:org.mitre.oval:def:1472
Revision Date
:
2010-09-20
Version
:
20
Title
:
HP-UX ftpd Remote Unauthorized Data Access (B.10.20)
Description
:
The FTP server in HP-UX 10.20, B.11.00, and B.11.11, allows remote attackers to list arbitrary directories as root by running the LIST command before logging in.
Family
:
unix
Class
:
vulnerability
Status
:
ACCEPTED
Reference(s)
:
CVE-2005-3296
Platform(s)
:
HP-UX 10
Product(s)
:
ftpd
Definition Synopsis
700 Series or 800 Series OS Release 10.20
700 Series OS Release 10.20
700-series HP
AND
HP Release B.10.20
OR
800 Series OS Release 10.20
800-series HP
AND
HP Release B.10.20
AND
InternetSrvcs.INETSVCS-RUN or InternetSrvcs.INET-ENG-A-MAN (B.10.20) is installed
InternetSrvcs.INETSVCS-RUN is installed
OR
InternetSrvcs.INET-ENG-A-MAN is installed
AND
NOT
Patch PHNE_23948 is installed
BACK