Family: FTP --> Category: mixed
HP-UX ftpd glob() Expansion STAT Buffer Overflow Vulnerability Scan
Vulnerability Scan Summary
Checks if the remote HPUX ftp can be buffer overflown
Detailed Explanation for this Vulnerability Test
Buffer overflow in FTP server in HPUX 11 and previous
allows remote attackers to execute arbitrary commands
by creating a long pathname and calling the STAT
command, which uses glob to generate long strings.
Solution : upgrade your FTP server
Consider removing directories writable by 'anonymous'.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.