Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: FTP --> Category: attack

HP-UX FTPD REST Command Memory Disclosure Vulnerability Vulnerability Scan


Vulnerability Scan Summary
Checks if the remote ftp sanitizes the RETR command

Detailed Explanation for this Vulnerability Test

Synopsis :

It is possible to disclose the contents of the memory of the remote host

Description :
The remote FTP server seems to be vulnerable to an integer conversion bug when
it receives a malformed argument to the 'REST' command.

A possible hacker may exploit this flaw to force the remote FTP daemon to disclose portions
of the memory of the remote host.

Solution :

If the remote FTP server is HP/UX ftpd, then apply patch PHNE_21936.

Threat Level:

Low / CVSS Base Score : 2
(AV:R/AC:H/Au:R/C:P/A:N/I:N/B:C)

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.