Vulnerabilities > CVE-2004-1332 - Unspecified vulnerability in HP products

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
hp
nessus

Summary

Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request.

Nessus

  • NASL familyHP-UX Local Security Checks
    NASL idHPUX_PHNE_29462.NASL
    descriptions700_800 11.22 ftpd(1M) and ftp(1) patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential vulnerability has been identified with HP-UX running ftpd where the vulnerability could be exploited to allow a remote authorized user unauthorized access to files. (HPSBUX01119 SSRT4694) - A potential security vulnerability has been identified with HP-UX running ftp where the vulnerability could be exploited remotely to allow unauthorized access. (HPSBUX01050 SSRT3456) - The wu-ftpd program is potentially vulnerable to a buffer overflow. (HPSBUX00277 SSRT3606) - A potential security vulnerability has been identified with HP-UX running ftpd, where a buffer overflow in ftpd could be remotely exploited to allow an unauthorized user to gain privileged access. (HPSBUX01118 SSRT4883) - A potential vulnerability has been identified with HP-UX running wu-ftpd with the restricted gid option enabled where the vulnerability could be exploited by a local user to gain unauthorized access to files. (HPSBUX01059 SSRT4704)
    last seen2020-06-01
    modified2020-06-02
    plugin id16907
    published2005-02-16
    reporterThis script is Copyright (C) 2005-2016 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/16907
    titleHP-UX PHNE_29462 : s700_800 11.22 ftpd(1M) and ftp(1) patch
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and patch checks in this plugin were 
    # extracted from HP patch PHNE_29462. The text itself is
    # copyright (C) Hewlett-Packard Development Company, L.P.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(16907);
      script_version("$Revision: 1.12 $");
      script_cvs_date("$Date: 2016/01/14 15:20:32 $");
    
      script_cve_id("CVE-2003-0466", "CVE-2004-0148", "CVE-2004-1332", "CVE-2005-0547");
      script_xref(name:"HP", value:"emr_na-c00572225");
      script_xref(name:"HP", value:"emr_na-c00951272");
      script_xref(name:"HP", value:"emr_na-c00951289");
      script_xref(name:"HP", value:"emr_na-c01035676");
      script_xref(name:"HP", value:"emr_na-c01035678");
      script_xref(name:"HP", value:"HPSBUX00277");
      script_xref(name:"HP", value:"HPSBUX01050");
      script_xref(name:"HP", value:"HPSBUX01059");
      script_xref(name:"HP", value:"HPSBUX01118");
      script_xref(name:"HP", value:"HPSBUX01119");
      script_xref(name:"HP", value:"SSRT3456");
      script_xref(name:"HP", value:"SSRT3606");
      script_xref(name:"HP", value:"SSRT4694");
      script_xref(name:"HP", value:"SSRT4704");
      script_xref(name:"HP", value:"SSRT4883");
    
      script_name(english:"HP-UX PHNE_29462 : s700_800 11.22 ftpd(1M) and ftp(1) patch");
      script_summary(english:"Checks for the patch in the swlist output");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote HP-UX host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "s700_800 11.22 ftpd(1M) and ftp(1) patch : 
    
    The remote HP-UX host is affected by multiple vulnerabilities :
    
      - A potential vulnerability has been identified with HP-UX
        running ftpd where the vulnerability could be exploited
        to allow a remote authorized user unauthorized access to
        files. (HPSBUX01119 SSRT4694)
    
      - A potential security vulnerability has been identified
        with HP-UX running ftp where the vulnerability could be
        exploited remotely to allow unauthorized access.
        (HPSBUX01050 SSRT3456)
    
      - The wu-ftpd program is potentially vulnerable to a
        buffer overflow. (HPSBUX00277 SSRT3606)
    
      - A potential security vulnerability has been identified
        with HP-UX running ftpd, where a buffer overflow in ftpd
        could be remotely exploited to allow an unauthorized
        user to gain privileged access. (HPSBUX01118 SSRT4883)
    
      - A potential vulnerability has been identified with HP-UX
        running wu-ftpd with the restricted gid option enabled
        where the vulnerability could be exploited by a local
        user to gain unauthorized access to files. (HPSBUX01059
        SSRT4704)"
      );
      # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00951272
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?6ca73dfe"
      );
      # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00951289
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?353e3f75"
      );
      # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00572225
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?2fb36360"
      );
      # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01035676
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?0e3b95fe"
      );
      # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01035678
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?9d4b2076"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Install patch PHNE_29462 or subsequent."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2004/06/03");
      script_set_attribute(attribute:"patch_modification_date", value:"2006/01/23");
      script_set_attribute(attribute:"plugin_publication_date", value:"2005/02/16");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2005-2016 Tenable Network Security, Inc.");
      script_family(english:"HP-UX Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("hpux.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX");
    if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    if (!hpux_check_ctx(ctx:"11.22"))
    {
      exit(0, "The host is not affected since PHNE_29462 applies to a different OS release.");
    }
    
    patches = make_list("PHNE_29462");
    foreach patch (patches)
    {
      if (hpux_installed(app:patch))
      {
        exit(0, "The host is not affected because patch "+patch+" is installed.");
      }
    }
    
    
    flag = 0;
    if (hpux_check_patch(app:"InternetSrvcs.INETSVCS2-RUN", version:"B.11.22")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyHP-UX Local Security Checks
    NASL idHPUX_PHNE_24395.NASL
    descriptions700_800 11.04 (VVOS) ftpd(1M) and ftp(1) patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential vulnerability has been identified with HP-UX running ftpd. The vulnerability could be exploited by a remote unauthenticated user to list directories with the privileges of the root user. (HPSBUX02071 SSRT051064) - ftpd and ftp incorrectly manage buffers. (HPSBUX00162 SSRT4883)
    last seen2020-06-01
    modified2020-06-02
    plugin id16931
    published2005-02-16
    reporterThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/16931
    titleHP-UX PHNE_24395 : s700_800 11.04 (VVOS) ftpd(1M) and ftp(1) patch
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and patch checks in this plugin were 
    # extracted from HP patch PHNE_24395. The text itself is
    # copyright (C) Hewlett-Packard Development Company, L.P.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(16931);
      script_version("1.13");
      script_cvs_date("Date: 2018/08/10 18:07:07");
    
      script_cve_id("CVE-2004-1332", "CVE-2005-3296");
      script_xref(name:"HP", value:"emr_na-c00542740");
      script_xref(name:"HP", value:"emr_na-c00898886");
      script_xref(name:"HP", value:"HPSBUX00162");
      script_xref(name:"HP", value:"HPSBUX02071");
      script_xref(name:"HP", value:"SSRT051064");
      script_xref(name:"HP", value:"SSRT4883");
    
      script_name(english:"HP-UX PHNE_24395 : s700_800 11.04 (VVOS) ftpd(1M) and ftp(1) patch");
      script_summary(english:"Checks for the patch in the swlist output");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote HP-UX host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "s700_800 11.04 (VVOS) ftpd(1M) and ftp(1) patch : 
    
    The remote HP-UX host is affected by multiple vulnerabilities :
    
      - A potential vulnerability has been identified with HP-UX
        running ftpd. The vulnerability could be exploited by a
        remote unauthenticated user to list directories with the
        privileges of the root user. (HPSBUX02071 SSRT051064)
    
      - ftpd and ftp incorrectly manage buffers. (HPSBUX00162
        SSRT4883)"
      );
      # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00898886
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?1aba643e"
      );
      # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00542740
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?a8f47fb9"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Install patch PHNE_24395 or subsequent."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2001/08/28");
      script_set_attribute(attribute:"patch_modification_date", value:"2006/01/23");
      script_set_attribute(attribute:"plugin_publication_date", value:"2005/02/16");
      script_set_attribute(attribute:"vuln_publication_date", value:"2005/10/19");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.");
      script_family(english:"HP-UX Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("hpux.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX");
    if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    if (!hpux_check_ctx(ctx:"11.04"))
    {
      exit(0, "The host is not affected since PHNE_24395 applies to a different OS release.");
    }
    
    patches = make_list("PHNE_24395", "PHNE_31034", "PHNE_32813", "PHNE_34077");
    foreach patch (patches)
    {
      if (hpux_installed(app:patch))
      {
        exit(0, "The host is not affected because patch "+patch+" is installed.");
      }
    }
    
    
    flag = 0;
    if (hpux_check_patch(app:"InternetSrvcs.INET-ENG-A-MAN", version:"B.11.04")) flag++;
    if (hpux_check_patch(app:"InternetSrvcs.INETSVCS-RUN", version:"B.11.04")) flag++;
    if (hpux_check_patch(app:"VirtualVaultOS.VVOS-AUX-IA", version:"B.11.04")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyHP-UX Local Security Checks
    NASL idHPUX_PHNE_23949.NASL
    descriptions700_800 11.00 ftpd(1M) and ftp(1) patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential vulnerability has been identified with HP-UX running ftpd. The vulnerability could be exploited by a remote unauthenticated user to list directories with the privileges of the root user. (HPSBUX02071 SSRT051064) - ftpd and ftp incorrectly manage buffers. (HPSBUX00162 SSRT4883)
    last seen2020-06-01
    modified2020-06-02
    plugin id16577
    published2005-02-16
    reporterThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/16577
    titleHP-UX PHNE_23949 : s700_800 11.00 ftpd(1M) and ftp(1) patch
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and patch checks in this plugin were 
    # extracted from HP patch PHNE_23949. The text itself is
    # copyright (C) Hewlett-Packard Development Company, L.P.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(16577);
      script_version("1.14");
      script_cvs_date("Date: 2018/08/10 18:07:07");
    
      script_cve_id("CVE-2004-1332", "CVE-2005-3296");
      script_xref(name:"HP", value:"emr_na-c00542740");
      script_xref(name:"HP", value:"emr_na-c00898886");
      script_xref(name:"HP", value:"HPSBUX00162");
      script_xref(name:"HP", value:"HPSBUX02071");
      script_xref(name:"HP", value:"SSRT051064");
      script_xref(name:"HP", value:"SSRT4883");
    
      script_name(english:"HP-UX PHNE_23949 : s700_800 11.00 ftpd(1M) and ftp(1) patch");
      script_summary(english:"Checks for the patch in the swlist output");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote HP-UX host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "s700_800 11.00 ftpd(1M) and ftp(1) patch : 
    
    The remote HP-UX host is affected by multiple vulnerabilities :
    
      - A potential vulnerability has been identified with HP-UX
        running ftpd. The vulnerability could be exploited by a
        remote unauthenticated user to list directories with the
        privileges of the root user. (HPSBUX02071 SSRT051064)
    
      - ftpd and ftp incorrectly manage buffers. (HPSBUX00162
        SSRT4883)"
      );
      # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00898886
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?1aba643e"
      );
      # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00542740
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?a8f47fb9"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Install patch PHNE_23949 or subsequent."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2001/05/18");
      script_set_attribute(attribute:"patch_modification_date", value:"2006/01/23");
      script_set_attribute(attribute:"plugin_publication_date", value:"2005/02/16");
      script_set_attribute(attribute:"vuln_publication_date", value:"2005/10/19");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.");
      script_family(english:"HP-UX Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("hpux.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX");
    if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    if (!hpux_check_ctx(ctx:"11.00"))
    {
      exit(0, "The host is not affected since PHNE_23949 applies to a different OS release.");
    }
    
    patches = make_list("PHNE_23949", "PHNE_29460", "PHNE_30989", "PHNE_33406", "PHNE_34543");
    foreach patch (patches)
    {
      if (hpux_installed(app:patch))
      {
        exit(0, "The host is not affected because patch "+patch+" is installed.");
      }
    }
    
    
    flag = 0;
    if (hpux_check_patch(app:"InternetSrvcs.INET-ENG-A-MAN", version:"B.11.00")) flag++;
    if (hpux_check_patch(app:"InternetSrvcs.INETSVCS-RUN", version:"B.11.00")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyHP-UX Local Security Checks
    NASL idHPUX_PHNE_29460.NASL
    descriptions700_800 11.00 ftpd(1M) and ftp(1) patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP-UX running ftp where the vulnerability could be exploited remotely to allow unauthorized access. (HPSBUX01050 SSRT3456) - A potential security vulnerability has been identified with HP-UX running ftpd, where a buffer overflow in ftpd could be remotely exploited to allow an unauthorized user to gain privileged access. (HPSBUX01118 SSRT4883) - The wu-ftpd program is potentially vulnerable to a buffer overflow. (HPSBUX00277 SSRT3606)
    last seen2020-06-01
    modified2020-06-02
    plugin id16909
    published2005-02-16
    reporterThis script is Copyright (C) 2005-2016 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/16909
    titleHP-UX PHNE_29460 : s700_800 11.00 ftpd(1M) and ftp(1) patch
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and patch checks in this plugin were 
    # extracted from HP patch PHNE_29460. The text itself is
    # copyright (C) Hewlett-Packard Development Company, L.P.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(16909);
      script_version("$Revision: 1.13 $");
      script_cvs_date("$Date: 2016/01/14 15:20:32 $");
    
      script_cve_id("CVE-2003-0466", "CVE-2004-1332");
      script_xref(name:"HP", value:"emr_na-c00951272");
      script_xref(name:"HP", value:"emr_na-c00951289");
      script_xref(name:"HP", value:"emr_na-c01035676");
      script_xref(name:"HP", value:"HPSBUX00277");
      script_xref(name:"HP", value:"HPSBUX01050");
      script_xref(name:"HP", value:"HPSBUX01118");
      script_xref(name:"HP", value:"SSRT3456");
      script_xref(name:"HP", value:"SSRT3606");
      script_xref(name:"HP", value:"SSRT4883");
    
      script_name(english:"HP-UX PHNE_29460 : s700_800 11.00 ftpd(1M) and ftp(1) patch");
      script_summary(english:"Checks for the patch in the swlist output");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote HP-UX host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "s700_800 11.00 ftpd(1M) and ftp(1) patch : 
    
    The remote HP-UX host is affected by multiple vulnerabilities :
    
      - A potential security vulnerability has been identified
        with HP-UX running ftp where the vulnerability could be
        exploited remotely to allow unauthorized access.
        (HPSBUX01050 SSRT3456)
    
      - A potential security vulnerability has been identified
        with HP-UX running ftpd, where a buffer overflow in ftpd
        could be remotely exploited to allow an unauthorized
        user to gain privileged access. (HPSBUX01118 SSRT4883)
    
      - The wu-ftpd program is potentially vulnerable to a
        buffer overflow. (HPSBUX00277 SSRT3606)"
      );
      # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00951272
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?6ca73dfe"
      );
      # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00951289
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?353e3f75"
      );
      # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01035676
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?0e3b95fe"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Install patch PHNE_29460 or subsequent."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2004/02/10");
      script_set_attribute(attribute:"patch_modification_date", value:"2007/04/05");
      script_set_attribute(attribute:"plugin_publication_date", value:"2005/02/16");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2005-2016 Tenable Network Security, Inc.");
      script_family(english:"HP-UX Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("hpux.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX");
    if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    if (!hpux_check_ctx(ctx:"11.00"))
    {
      exit(0, "The host is not affected since PHNE_29460 applies to a different OS release.");
    }
    
    patches = make_list("PHNE_29460", "PHNE_30989", "PHNE_33406", "PHNE_34543");
    foreach patch (patches)
    {
      if (hpux_installed(app:patch))
      {
        exit(0, "The host is not affected because patch "+patch+" is installed.");
      }
    }
    
    
    flag = 0;
    if (hpux_check_patch(app:"InternetSrvcs.INET-ENG-A-MAN", version:"B.11.00")) flag++;
    if (hpux_check_patch(app:"InternetSrvcs.INETSVCS-RUN", version:"B.11.00")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyHP-UX Local Security Checks
    NASL idHPUX_PHNE_29461.NASL
    descriptions700_800 11.11 ftpd(1M) and ftp(1) patch : The remote HP-UX host is affected by multiple vulnerabilities : - The wu-ftpd program is potentially vulnerable to a buffer overflow. (HPSBUX00277 SSRT3606) - A potential security vulnerability has been identified with HP-UX running ftpd, where a buffer overflow in ftpd could be remotely exploited to allow an unauthorized user to gain privileged access. (HPSBUX01118 SSRT4883) - A potential security vulnerability has been identified with HP-UX running ftp where the vulnerability could be exploited remotely to allow unauthorized access. (HPSBUX01050 SSRT3456)
    last seen2020-06-01
    modified2020-06-02
    plugin id16908
    published2005-02-16
    reporterThis script is Copyright (C) 2005-2016 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/16908
    titleHP-UX PHNE_29461 : s700_800 11.11 ftpd(1M) and ftp(1) patch
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and patch checks in this plugin were 
    # extracted from HP patch PHNE_29461. The text itself is
    # copyright (C) Hewlett-Packard Development Company, L.P.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(16908);
      script_version("$Revision: 1.16 $");
      script_cvs_date("$Date: 2016/01/14 15:20:32 $");
    
      script_cve_id("CVE-2003-0466", "CVE-2004-1332");
      script_xref(name:"HP", value:"emr_na-c00951272");
      script_xref(name:"HP", value:"emr_na-c00951289");
      script_xref(name:"HP", value:"emr_na-c01035676");
      script_xref(name:"HP", value:"HPSBUX00277");
      script_xref(name:"HP", value:"HPSBUX01050");
      script_xref(name:"HP", value:"HPSBUX01118");
      script_xref(name:"HP", value:"SSRT3456");
      script_xref(name:"HP", value:"SSRT3606");
      script_xref(name:"HP", value:"SSRT4883");
    
      script_name(english:"HP-UX PHNE_29461 : s700_800 11.11 ftpd(1M) and ftp(1) patch");
      script_summary(english:"Checks for the patch in the swlist output");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote HP-UX host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "s700_800 11.11 ftpd(1M) and ftp(1) patch : 
    
    The remote HP-UX host is affected by multiple vulnerabilities :
    
      - The wu-ftpd program is potentially vulnerable to a
        buffer overflow. (HPSBUX00277 SSRT3606)
    
      - A potential security vulnerability has been identified
        with HP-UX running ftpd, where a buffer overflow in ftpd
        could be remotely exploited to allow an unauthorized
        user to gain privileged access. (HPSBUX01118 SSRT4883)
    
      - A potential security vulnerability has been identified
        with HP-UX running ftp where the vulnerability could be
        exploited remotely to allow unauthorized access.
        (HPSBUX01050 SSRT3456)"
      );
      # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00951272
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?6ca73dfe"
      );
      # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00951289
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?353e3f75"
      );
      # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01035676
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?0e3b95fe"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Install patch PHNE_29461 or subsequent."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2003/12/17");
      script_set_attribute(attribute:"patch_modification_date", value:"2007/04/05");
      script_set_attribute(attribute:"plugin_publication_date", value:"2005/02/16");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2005-2016 Tenable Network Security, Inc.");
      script_family(english:"HP-UX Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("hpux.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX");
    if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    if (!hpux_check_ctx(ctx:"11.11"))
    {
      exit(0, "The host is not affected since PHNE_29461 applies to a different OS release.");
    }
    
    patches = make_list("PHNE_29461", "PHNE_30432", "PHNE_30990", "PHNE_33412", "PHNE_34544", "PHNE_36129", "PHNE_36192", "PHNE_38458", "PHNE_40774");
    foreach patch (patches)
    {
      if (hpux_installed(app:patch))
      {
        exit(0, "The host is not affected because patch "+patch+" is installed.");
      }
    }
    
    
    flag = 0;
    if (hpux_check_patch(app:"InternetSrvcs.INETSVCS-RUN", version:"B.11.11")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyHP-UX Local Security Checks
    NASL idHPUX_PHNE_31034.NASL
    descriptions700_800 11.04 (VVOS) ftpd(1M) and ftp(1) patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP-UX running ftpd, where a buffer overflow in ftpd could be remotely exploited to allow an unauthorized user to gain privileged access. (HPSBUX01118 SSRT4883) - A potential security vulnerability has been identified with HP-UX running ftp where the vulnerability could be exploited remotely to allow unauthorized access. (HPSBUX01050 SSRT3456)
    last seen2020-06-01
    modified2020-06-02
    plugin id16971
    published2005-02-16
    reporterThis script is Copyright (C) 2005-2013 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/16971
    titleHP-UX PHNE_31034 : s700_800 11.04 (VVOS) ftpd(1M) and ftp(1) patch
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and patch checks in this plugin were 
    # extracted from HP patch PHNE_31034. The text itself is
    # copyright (C) Hewlett-Packard Development Company, L.P.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(16971);
      script_version("$Revision: 1.11 $");
      script_cvs_date("$Date: 2013/04/20 00:36:49 $");
    
      script_cve_id("CVE-2004-1332");
      script_xref(name:"HP", value:"emr_na-c00951289");
      script_xref(name:"HP", value:"emr_na-c01035676");
      script_xref(name:"HP", value:"HPSBUX01050");
      script_xref(name:"HP", value:"HPSBUX01118");
      script_xref(name:"HP", value:"SSRT3456");
      script_xref(name:"HP", value:"SSRT4883");
    
      script_name(english:"HP-UX PHNE_31034 : s700_800 11.04 (VVOS) ftpd(1M) and ftp(1) patch");
      script_summary(english:"Checks for the patch in the swlist output");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote HP-UX host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "s700_800 11.04 (VVOS) ftpd(1M) and ftp(1) patch : 
    
    The remote HP-UX host is affected by multiple vulnerabilities :
    
      - A potential security vulnerability has been identified
        with HP-UX running ftpd, where a buffer overflow in ftpd
        could be remotely exploited to allow an unauthorized
        user to gain privileged access. (HPSBUX01118 SSRT4883)
    
      - A potential security vulnerability has been identified
        with HP-UX running ftp where the vulnerability could be
        exploited remotely to allow unauthorized access.
        (HPSBUX01050 SSRT3456)"
      );
      # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00951289
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?353e3f75"
      );
      # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01035676
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?0e3b95fe"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Install patch PHNE_31034 or subsequent."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2007/04/05");
      script_set_attribute(attribute:"plugin_publication_date", value:"2005/02/16");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.");
      script_family(english:"HP-UX Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("hpux.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX");
    if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    if (!hpux_check_ctx(ctx:"11.04"))
    {
      exit(0, "The host is not affected since PHNE_31034 applies to a different OS release.");
    }
    
    patches = make_list("PHNE_31034", "PHNE_32813", "PHNE_34077");
    foreach patch (patches)
    {
      if (hpux_installed(app:patch))
      {
        exit(0, "The host is not affected because patch "+patch+" is installed.");
      }
    }
    
    
    flag = 0;
    if (hpux_check_patch(app:"InternetSrvcs.INET-ENG-A-MAN", version:"B.11.04")) flag++;
    if (hpux_check_patch(app:"InternetSrvcs.INETSVCS-RUN", version:"B.11.04")) flag++;
    if (hpux_check_patch(app:"VirtualVaultOS.VVOS-AUX-IA", version:"B.11.04")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyHP-UX Local Security Checks
    NASL idHPUX_PHNE_23950.NASL
    descriptions700_800 11.11 ftpd(1M) patch : ftpd and ftp incorrectly manage buffers.
    last seen2020-06-01
    modified2020-06-02
    plugin id16576
    published2005-02-16
    reporterThis script is Copyright (C) 2005-2013 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/16576
    titleHP-UX PHNE_23950 : HP-UX Running ftp and ftpd, Remote Unauthorized Access (HPSBUX00162 SSRT4883 rev.4)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and patch checks in this plugin were 
    # extracted from HP patch PHNE_23950. The text itself is
    # copyright (C) Hewlett-Packard Development Company, L.P.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(16576);
      script_version("$Revision: 1.15 $");
      script_cvs_date("$Date: 2013/04/20 00:32:52 $");
    
      script_cve_id("CVE-2004-1332");
      script_xref(name:"HP", value:"emr_na-c00898886");
      script_xref(name:"HP", value:"HPSBUX00162");
      script_xref(name:"HP", value:"SSRT4883");
    
      script_name(english:"HP-UX PHNE_23950 : HP-UX Running ftp and ftpd, Remote Unauthorized Access (HPSBUX00162 SSRT4883 rev.4)");
      script_summary(english:"Checks for the patch in the swlist output");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote HP-UX host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "s700_800 11.11 ftpd(1M) patch : 
    
    ftpd and ftp incorrectly manage buffers."
      );
      # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00898886
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?1aba643e"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Install patch PHNE_23950 or subsequent."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2001/07/17");
      script_set_attribute(attribute:"patch_modification_date", value:"2007/03/22");
      script_set_attribute(attribute:"plugin_publication_date", value:"2005/02/16");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.");
      script_family(english:"HP-UX Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("hpux.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX");
    if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    if (!hpux_check_ctx(ctx:"11.11"))
    {
      exit(0, "The host is not affected since PHNE_23950 applies to a different OS release.");
    }
    
    patches = make_list("PHNE_23950", "PHNE_27765", "PHNE_29461", "PHNE_30432", "PHNE_30990", "PHNE_33412", "PHNE_34544", "PHNE_36129", "PHNE_36192", "PHNE_38458", "PHNE_40774");
    foreach patch (patches)
    {
      if (hpux_installed(app:patch))
      {
        exit(0, "The host is not affected because patch "+patch+" is installed.");
      }
    }
    
    
    flag = 0;
    if (hpux_check_patch(app:"InternetSrvcs.INETSVCS-RUN", version:"B.11.11")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    

Oval

accepted2014-03-24T04:01:45.272-04:00
classvulnerability
contributors
  • nameMichael Wood
    organizationHewlett-Packard
  • nameSushant Kumar Singh
    organizationHewlett-Packard
descriptionStack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request.
familyunix
idoval:org.mitre.oval:def:5701
statusaccepted
submitted2008-07-08T17:01:37.000-04:00
titleHP-UX ftpd, Remote Privileged Access
version40