Vulnerabilities > CVE-2005-0547 - Restricted File Access vulnerability in HP-UX FTP Server
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Unknown vulnerability in ftpd on HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23 allows remote authenticated users to gain "unauthorized access to files."
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 5 |
Nessus
NASL family HP-UX Local Security Checks NASL id HPUX_PHNE_30983.NASL description s700_800 11.23 ftpd(1M) patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential vulnerability has been identified with HP-UX running wu-ftpd with the restricted gid option enabled where the vulnerability could be exploited by a local user to gain unauthorized access to files. (HPSBUX01059 SSRT4704) - A potential vulnerability has been identified with HP-UX running ftpd where the vulnerability could be exploited to allow a remote authorized user unauthorized access to files. (HPSBUX01119 SSRT4694) last seen 2020-06-01 modified 2020-06-02 plugin id 17422 published 2005-03-18 reporter This script is Copyright (C) 2005-2013 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/17422 title HP-UX PHNE_30983 : s700_800 11.23 ftpd(1M) patch code # # (C) Tenable Network Security, Inc. # # The descriptive text and patch checks in this plugin were # extracted from HP patch PHNE_30983. The text itself is # copyright (C) Hewlett-Packard Development Company, L.P. # include("compat.inc"); if (description) { script_id(17422); script_version("$Revision: 1.20 $"); script_cvs_date("$Date: 2013/04/20 00:36:49 $"); script_cve_id("CVE-2004-0148", "CVE-2005-0547"); script_xref(name:"HP", value:"emr_na-c00572225"); script_xref(name:"HP", value:"emr_na-c01035678"); script_xref(name:"HP", value:"HPSBUX01059"); script_xref(name:"HP", value:"HPSBUX01119"); script_xref(name:"HP", value:"SSRT4694"); script_xref(name:"HP", value:"SSRT4704"); script_name(english:"HP-UX PHNE_30983 : s700_800 11.23 ftpd(1M) patch"); script_summary(english:"Checks for the patch in the swlist output"); script_set_attribute( attribute:"synopsis", value:"The remote HP-UX host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "s700_800 11.23 ftpd(1M) patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential vulnerability has been identified with HP-UX running wu-ftpd with the restricted gid option enabled where the vulnerability could be exploited by a local user to gain unauthorized access to files. (HPSBUX01059 SSRT4704) - A potential vulnerability has been identified with HP-UX running ftpd where the vulnerability could be exploited to allow a remote authorized user unauthorized access to files. (HPSBUX01119 SSRT4694)" ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00572225 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?2fb36360" ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01035678 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?9d4b2076" ); script_set_attribute( attribute:"solution", value:"Install patch PHNE_30983 or subsequent." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux"); script_set_attribute(attribute:"patch_publication_date", value:"2004/06/25"); script_set_attribute(attribute:"patch_modification_date", value:"2006/01/23"); script_set_attribute(attribute:"plugin_publication_date", value:"2005/03/18"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2005-2013 Tenable Network Security, Inc."); script_family(english:"HP-UX Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("hpux.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX"); if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING); if (!hpux_check_ctx(ctx:"11.23")) { exit(0, "The host is not affected since PHNE_30983 applies to a different OS release."); } patches = make_list("PHNE_30983", "PHNE_31732", "PHNE_32286", "PHNE_33414", "PHNE_34306", "PHNE_34698", "PHNE_36065", "PHNE_36193", "PHNE_38578", "PHNE_38916", "PHNE_40380", "PHNE_41248", "PHNE_41581", "PHNE_42661"); foreach patch (patches) { if (hpux_installed(app:patch)) { exit(0, "The host is not affected because patch "+patch+" is installed."); } } flag = 0; if (hpux_check_patch(app:"InternetSrvcs.INETSVCS2-RUN", version:"B.11.23")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family HP-UX Local Security Checks NASL id HPUX_PHNE_29462.NASL description s700_800 11.22 ftpd(1M) and ftp(1) patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential vulnerability has been identified with HP-UX running ftpd where the vulnerability could be exploited to allow a remote authorized user unauthorized access to files. (HPSBUX01119 SSRT4694) - A potential security vulnerability has been identified with HP-UX running ftp where the vulnerability could be exploited remotely to allow unauthorized access. (HPSBUX01050 SSRT3456) - The wu-ftpd program is potentially vulnerable to a buffer overflow. (HPSBUX00277 SSRT3606) - A potential security vulnerability has been identified with HP-UX running ftpd, where a buffer overflow in ftpd could be remotely exploited to allow an unauthorized user to gain privileged access. (HPSBUX01118 SSRT4883) - A potential vulnerability has been identified with HP-UX running wu-ftpd with the restricted gid option enabled where the vulnerability could be exploited by a local user to gain unauthorized access to files. (HPSBUX01059 SSRT4704) last seen 2020-06-01 modified 2020-06-02 plugin id 16907 published 2005-02-16 reporter This script is Copyright (C) 2005-2016 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/16907 title HP-UX PHNE_29462 : s700_800 11.22 ftpd(1M) and ftp(1) patch code # # (C) Tenable Network Security, Inc. # # The descriptive text and patch checks in this plugin were # extracted from HP patch PHNE_29462. The text itself is # copyright (C) Hewlett-Packard Development Company, L.P. # include("compat.inc"); if (description) { script_id(16907); script_version("$Revision: 1.12 $"); script_cvs_date("$Date: 2016/01/14 15:20:32 $"); script_cve_id("CVE-2003-0466", "CVE-2004-0148", "CVE-2004-1332", "CVE-2005-0547"); script_xref(name:"HP", value:"emr_na-c00572225"); script_xref(name:"HP", value:"emr_na-c00951272"); script_xref(name:"HP", value:"emr_na-c00951289"); script_xref(name:"HP", value:"emr_na-c01035676"); script_xref(name:"HP", value:"emr_na-c01035678"); script_xref(name:"HP", value:"HPSBUX00277"); script_xref(name:"HP", value:"HPSBUX01050"); script_xref(name:"HP", value:"HPSBUX01059"); script_xref(name:"HP", value:"HPSBUX01118"); script_xref(name:"HP", value:"HPSBUX01119"); script_xref(name:"HP", value:"SSRT3456"); script_xref(name:"HP", value:"SSRT3606"); script_xref(name:"HP", value:"SSRT4694"); script_xref(name:"HP", value:"SSRT4704"); script_xref(name:"HP", value:"SSRT4883"); script_name(english:"HP-UX PHNE_29462 : s700_800 11.22 ftpd(1M) and ftp(1) patch"); script_summary(english:"Checks for the patch in the swlist output"); script_set_attribute( attribute:"synopsis", value:"The remote HP-UX host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "s700_800 11.22 ftpd(1M) and ftp(1) patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential vulnerability has been identified with HP-UX running ftpd where the vulnerability could be exploited to allow a remote authorized user unauthorized access to files. (HPSBUX01119 SSRT4694) - A potential security vulnerability has been identified with HP-UX running ftp where the vulnerability could be exploited remotely to allow unauthorized access. (HPSBUX01050 SSRT3456) - The wu-ftpd program is potentially vulnerable to a buffer overflow. (HPSBUX00277 SSRT3606) - A potential security vulnerability has been identified with HP-UX running ftpd, where a buffer overflow in ftpd could be remotely exploited to allow an unauthorized user to gain privileged access. (HPSBUX01118 SSRT4883) - A potential vulnerability has been identified with HP-UX running wu-ftpd with the restricted gid option enabled where the vulnerability could be exploited by a local user to gain unauthorized access to files. (HPSBUX01059 SSRT4704)" ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00951272 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?6ca73dfe" ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00951289 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?353e3f75" ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00572225 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?2fb36360" ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01035676 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?0e3b95fe" ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01035678 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?9d4b2076" ); script_set_attribute( attribute:"solution", value:"Install patch PHNE_29462 or subsequent." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux"); script_set_attribute(attribute:"patch_publication_date", value:"2004/06/03"); script_set_attribute(attribute:"patch_modification_date", value:"2006/01/23"); script_set_attribute(attribute:"plugin_publication_date", value:"2005/02/16"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2005-2016 Tenable Network Security, Inc."); script_family(english:"HP-UX Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("hpux.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX"); if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING); if (!hpux_check_ctx(ctx:"11.22")) { exit(0, "The host is not affected since PHNE_29462 applies to a different OS release."); } patches = make_list("PHNE_29462"); foreach patch (patches) { if (hpux_installed(app:patch)) { exit(0, "The host is not affected because patch "+patch+" is installed."); } } flag = 0; if (hpux_check_patch(app:"InternetSrvcs.INETSVCS2-RUN", version:"B.11.22")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family HP-UX Local Security Checks NASL id HPUX_PHNE_30990.NASL description s700_800 11.11 ftpd(1M) and ftp(1) patch : A potential vulnerability has been identified with HP-UX running ftpd where the vulnerability could be exploited to allow a remote authorized user unauthorized access to files. last seen 2020-06-01 modified 2020-06-02 plugin id 17424 published 2005-03-18 reporter This script is Copyright (C) 2005-2013 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/17424 title HP-UX PHNE_30990 : HP-UX ftpd, Remote Unauthorized Access (HPSBUX01119 SSRT4694 rev.2) code # # (C) Tenable Network Security, Inc. # # The descriptive text and patch checks in this plugin were # extracted from HP patch PHNE_30990. The text itself is # copyright (C) Hewlett-Packard Development Company, L.P. # include("compat.inc"); if (description) { script_id(17424); script_version("$Revision: 1.15 $"); script_cvs_date("$Date: 2013/04/20 00:36:49 $"); script_cve_id("CVE-2005-0547"); script_xref(name:"HP", value:"emr_na-c01035678"); script_xref(name:"HP", value:"HPSBUX01119"); script_xref(name:"HP", value:"SSRT4694"); script_name(english:"HP-UX PHNE_30990 : HP-UX ftpd, Remote Unauthorized Access (HPSBUX01119 SSRT4694 rev.2)"); script_summary(english:"Checks for the patch in the swlist output"); script_set_attribute( attribute:"synopsis", value:"The remote HP-UX host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "s700_800 11.11 ftpd(1M) and ftp(1) patch : A potential vulnerability has been identified with HP-UX running ftpd where the vulnerability could be exploited to allow a remote authorized user unauthorized access to files." ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01035678 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?9d4b2076" ); script_set_attribute( attribute:"solution", value:"Install patch PHNE_30990 or subsequent." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux"); script_set_attribute(attribute:"patch_publication_date", value:"2007/04/26"); script_set_attribute(attribute:"plugin_publication_date", value:"2005/03/18"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2005-2013 Tenable Network Security, Inc."); script_family(english:"HP-UX Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("hpux.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX"); if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING); if (!hpux_check_ctx(ctx:"11.11")) { exit(0, "The host is not affected since PHNE_30990 applies to a different OS release."); } patches = make_list("PHNE_30990", "PHNE_33412", "PHNE_34544", "PHNE_36129", "PHNE_36192", "PHNE_38458", "PHNE_40774"); foreach patch (patches) { if (hpux_installed(app:patch)) { exit(0, "The host is not affected because patch "+patch+" is installed."); } } flag = 0; if (hpux_check_patch(app:"InternetSrvcs.INET-ENG-A-MAN", version:"B.11.11")) flag++; if (hpux_check_patch(app:"InternetSrvcs.INETSVCS-RUN", version:"B.11.11")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:hpux_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family HP-UX Local Security Checks NASL id HPUX_PHNE_32813.NASL description s700_800 11.04 (VVOS) ftpd(1M) and ftp(1) patch : A potential vulnerability has been identified with HP-UX running ftpd where the vulnerability could be exploited to allow a remote authorized user unauthorized access to files. last seen 2020-06-01 modified 2020-06-02 plugin id 17425 published 2005-03-18 reporter This script is Copyright (C) 2005-2013 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/17425 title HP-UX PHNE_32813 : HP-UX ftpd, Remote Unauthorized Access (HPSBUX01119 SSRT4694 rev.2) code # # (C) Tenable Network Security, Inc. # # The descriptive text and patch checks in this plugin were # extracted from HP patch PHNE_32813. The text itself is # copyright (C) Hewlett-Packard Development Company, L.P. # include("compat.inc"); if (description) { script_id(17425); script_version("$Revision: 1.11 $"); script_cvs_date("$Date: 2013/04/20 00:36:49 $"); script_cve_id("CVE-2005-0547"); script_xref(name:"HP", value:"emr_na-c01035678"); script_xref(name:"HP", value:"HPSBUX01119"); script_xref(name:"HP", value:"SSRT4694"); script_name(english:"HP-UX PHNE_32813 : HP-UX ftpd, Remote Unauthorized Access (HPSBUX01119 SSRT4694 rev.2)"); script_summary(english:"Checks for the patch in the swlist output"); script_set_attribute( attribute:"synopsis", value:"The remote HP-UX host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "s700_800 11.04 (VVOS) ftpd(1M) and ftp(1) patch : A potential vulnerability has been identified with HP-UX running ftpd where the vulnerability could be exploited to allow a remote authorized user unauthorized access to files." ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01035678 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?9d4b2076" ); script_set_attribute( attribute:"solution", value:"Install patch PHNE_32813 or subsequent." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux"); script_set_attribute(attribute:"patch_publication_date", value:"2007/04/26"); script_set_attribute(attribute:"plugin_publication_date", value:"2005/03/18"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2005-2013 Tenable Network Security, Inc."); script_family(english:"HP-UX Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("hpux.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX"); if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING); if (!hpux_check_ctx(ctx:"11.04")) { exit(0, "The host is not affected since PHNE_32813 applies to a different OS release."); } patches = make_list("PHNE_32813", "PHNE_34077"); foreach patch (patches) { if (hpux_installed(app:patch)) { exit(0, "The host is not affected because patch "+patch+" is installed."); } } flag = 0; if (hpux_check_patch(app:"InternetSrvcs.INET-ENG-A-MAN", version:"B.11.04")) flag++; if (hpux_check_patch(app:"InternetSrvcs.INETSVCS-RUN", version:"B.11.04")) flag++; if (hpux_check_patch(app:"VirtualVaultOS.VVOS-AUX-IA", version:"B.11.04")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:hpux_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family HP-UX Local Security Checks NASL id HPUX_PHNE_30989.NASL description s700_800 11.00 ftpd(1M) and ftp(1) patch : A potential vulnerability has been identified with HP-UX running ftpd where the vulnerability could be exploited to allow a remote authorized user unauthorized access to files. last seen 2020-06-01 modified 2020-06-02 plugin id 17423 published 2005-03-18 reporter This script is Copyright (C) 2005-2013 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/17423 title HP-UX PHNE_30989 : HP-UX ftpd, Remote Unauthorized Access (HPSBUX01119 SSRT4694 rev.2) code # # (C) Tenable Network Security, Inc. # # The descriptive text and patch checks in this plugin were # extracted from HP patch PHNE_30989. The text itself is # copyright (C) Hewlett-Packard Development Company, L.P. # include("compat.inc"); if (description) { script_id(17423); script_version("$Revision: 1.12 $"); script_cvs_date("$Date: 2013/04/20 00:36:49 $"); script_cve_id("CVE-2005-0547"); script_xref(name:"HP", value:"emr_na-c01035678"); script_xref(name:"HP", value:"HPSBUX01119"); script_xref(name:"HP", value:"SSRT4694"); script_name(english:"HP-UX PHNE_30989 : HP-UX ftpd, Remote Unauthorized Access (HPSBUX01119 SSRT4694 rev.2)"); script_summary(english:"Checks for the patch in the swlist output"); script_set_attribute( attribute:"synopsis", value:"The remote HP-UX host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "s700_800 11.00 ftpd(1M) and ftp(1) patch : A potential vulnerability has been identified with HP-UX running ftpd where the vulnerability could be exploited to allow a remote authorized user unauthorized access to files." ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01035678 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?9d4b2076" ); script_set_attribute( attribute:"solution", value:"Install patch PHNE_30989 or subsequent." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux"); script_set_attribute(attribute:"patch_publication_date", value:"2007/04/26"); script_set_attribute(attribute:"plugin_publication_date", value:"2005/03/18"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2005-2013 Tenable Network Security, Inc."); script_family(english:"HP-UX Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("hpux.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX"); if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING); if (!hpux_check_ctx(ctx:"11.00")) { exit(0, "The host is not affected since PHNE_30989 applies to a different OS release."); } patches = make_list("PHNE_30989", "PHNE_33406", "PHNE_34543"); foreach patch (patches) { if (hpux_installed(app:patch)) { exit(0, "The host is not affected because patch "+patch+" is installed."); } } flag = 0; if (hpux_check_patch(app:"InternetSrvcs.INET-ENG-A-MAN", version:"B.11.00")) flag++; if (hpux_check_patch(app:"InternetSrvcs.INETSVCS-RUN", version:"B.11.00")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:hpux_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
Oval
| accepted | 2014-03-24T04:01:40.932-04:00 | ||||||||||||
| class | vulnerability | ||||||||||||
| contributors |
| ||||||||||||
| description | Unknown vulnerability in ftpd on HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23 allows remote authenticated users to gain "unauthorized access to files." | ||||||||||||
| family | unix | ||||||||||||
| id | oval:org.mitre.oval:def:5464 | ||||||||||||
| status | accepted | ||||||||||||
| submitted | 2008-07-08T17:01:37.000-04:00 | ||||||||||||
| title | HP-UX ftpd, Remote Unauthorized Access | ||||||||||||
| version | 41 |