HP-UX FTPD REST Command Remote Arbitrary Memory Disclosure

high Nessus Plugin ID 11701

Synopsis

It is possible to disclose the contents of the remote host's memory.

Description

The remote FTP server seems to be vulnerable to an integer conversion bug when it receives a malformed argument to the 'REST' command.

An attacker may exploit this flaw to force the remote FTP daemon to disclose portions of the memory of the remote host.

Solution

If the remote FTP server is HP-UX ftpd, then apply patch PHNE_21936.

Plugin Details

Severity: High

ID: 11701

File Name: hpux_ftpd_rest_conversion.nasl

Version: 1.29

Type: remote

Family: FTP

Published: 6/6/2003

Updated: 1/11/2021

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.1

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:H/Au:S/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:hp:hp-ux

Required KB Items: Settings/ParanoidReport

Exploit Available: true

Exploit Ease: No exploit is required

Reference Information

BID: 7825