Vulnerability Name:

CCN-13725

Published:2003-11-11
Updated:2003-11-11
Summary:The File Transfer (FTP) service enables access to a system using a weak authentication method with clear-text passwords. Additionally, programming flaws in this service may allow attackers to gain root access. Ideally this service should be disabled. If the service is required, then access to the service can be restricted using the 'TCP Wrappers' utility. This provides fine-grained access control, allowing access to services to be either allowed or denied on a host-by-host basis.
CVSS v3 Severity:
CVSS v2 Severity:
Vulnerability Consequences:Informational
References:Source: CCN
Type: SANS Web site
SANS Top 20 Internet Security Vulnerabilities

Source: XF
Type: UNKNOWN
ftp-wrapped(13725)

Vulnerable Configuration:Configuration CCN 1:
  • cpe:/o:hp:hp-ux:10.20:*:*:*:*:*:*:*
  • AND
  • cpe:/o:sun:solaris:2.6::sparc:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.3:*:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:8::sparc:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.3:*:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:9::sparc:*:*:*:*:*
  • OR cpe:/o:sun:solaris:7.0::sparc:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    hp hp-ux 10.20
    sun solaris 2.6
    ibm aix 4.3
    sun solaris 8
    hp hp-ux 11
    redhat linux 7
    redhat linux 7.1
    redhat linux 7.2
    redhat linux 7.3
    sun solaris 9
    sun solaris 7.0