Vulnerabilities > CVE-2000-0699 - Unspecified vulnerability in HP Hp-Ux 10.20/11.00

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
hp
critical
nessus
exploit available

Summary

Format string vulnerability in ftpd in HP-UX 10.20 allows remote attackers to cause a denial of service or execute arbitrary commands via format strings in the PASS command.

Vulnerable Configurations

Part Description Count
OS
Hp
2

Exploit-Db

descriptionHP-UX FTPD Remote Buffer Overflow Exploit. CVE-2000-0699. Dos exploit for hp-ux platform
idEDB-ID:212
last seen2016-01-31
modified2000-12-01
published2000-12-01
reportervenglin
sourcehttps://www.exploit-db.com/download/212/
titleHP-UX FTPD Remote Buffer Overflow Exploit

Nessus

NASL familyFTP
NASL idHPUX_FTPD.NASL
descriptionThe remote ftp server does not sanitize properly the argument of the PASS command it receives for anonymous accesses. It may be possible for a remote attacker to gain shell access.
last seen2020-06-01
modified2020-06-02
plugin id10490
published2000-08-07
reporterThis script is Copyright (C) 2000-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/10490
titleHP-UX FTP Daemon PASS Command Remote Format String