SecurityTracker.com
Category:   Application (File Transfer/Sharing)  >   FTP (Generic)
Vendors:   HPE
HP-UX ftpd Debug Logging Buffer Overflow Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1012650
SecurityTracker URL:  http://securitytracker.com/id/1012650
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Dec 22 2004
Impact:   Execution of arbitrary code via network, Root access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   A buffer overflow vulnerability was reported in HP-UX ftpd when it is configured for debug logging. A remote user can execute arbitrary code on the target system.

iDEFENSE reported that when ftpd is configured via /etc/inetd.conf to log debug information using the v switch (not the default configuration), a remote user can send a specially crafted command to trigger a stack overflow and execute arbitrary code. The code will run with the privileges of the ftpd process, which is usually root. The overflow can be triggered prior to authentication.

The vendor was notified on December 2, 2004.

iDEFENSE Labs discovered this flaw.
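
To check whether a host is in the affected configuration described above, the following added example (not part of the original advisory or any vendor tooling) lists active inetd.conf entries that start ftpd with the v switch. It assumes the standard inetd.conf field layout and that the switch may be clustered with other single-letter options; the sample entries are constructed.

```shell
#!/bin/sh
# Added example (not from the advisory): list active inetd.conf entries that
# start ftpd with the v switch, the non-default setting the advisory describes.
# Assumptions: standard inetd.conf layout (field 6 = server program,
# field 7 = argv[0], options from field 8) and that v may be clustered with
# other single-letter options (for example -lv).

# find_ftpd_debug [FILE|-]  prints "LINE: entry" for each matching entry.
find_ftpd_debug() {
    awk '
        /^[ \t]*#/ || NF < 7 { next }   # comments, blanks, incomplete entries
        $1 != "ftp" && $6 !~ "(^|/)ftpd$" { next }   # not an ftpd entry
        {
            for (i = 8; i <= NF; i++)
                if ($i ~ /^-[A-Za-z]*v[A-Za-z]*$/) {
                    print NR ": " $0
                    break
                }
        }
    ' "${1:-/etc/inetd.conf}"
}

# Constructed sample input, not taken from a real host.
sample_conf() {
    cat <<'EOF'
# constructed sample inetd.conf
ftp     stream tcp nowait root /usr/lbin/ftpd    ftpd -l -v
#ftp    stream tcp nowait root /usr/lbin/ftpd    ftpd -v
telnet  stream tcp nowait root /usr/lbin/telnetd telnetd
EOF
}

sample_conf | find_ftpd_debug -
```

Call `find_ftpd_debug` with no argument to read /etc/inetd.conf on the host itself; commented-out entries are ignored because inetd does not act on them.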

Impact:   A remote user can execute arbitrary code on the target system with the privileges of the target ftpd process, which is typically root-level privileges.
Solution:   The vendor has issued the following fixes:

HP-UX B.11.00: PHNE_29460
HP-UX B.11.04: PHNE_31034
HP-UX B.11.11: PHNE_29461
HP-UX B.11.22: PHNE_29462

Vendor URL:  www.hp.com/
Cause:   Boundary error
Underlying OS:  UNIX (HP/UX)
Underlying OS Comments:  11.00, 11.04, 11.11, 11.22

Message History:   None.