|
Family: FTP --> Category: attack
HP-UX FTPD REST Command Memory Disclosure Vulnerability Vulnerability Scan
Vulnerability Scan Summary Checks if the remote ftp sanitizes the RETR command
Detailed Explanation for this Vulnerability Test
Synopsis :
It is possible to disclose the contents of the memory of the remote host
Description :
The remote FTP server seems to be vulnerable to an integer conversion bug when
it receives a malformed argument to the 'REST' command.
A possible hacker may exploit this flaw to force the remote FTP daemon to disclose portions
of the memory of the remote host.
Solution :
If the remote FTP server is HP/UX ftpd, then apply patch PHNE_21936.
Threat Level:
Low / CVSS Base Score : 2
(AV:R/AC:H/Au:R/C:P/A:N/I:N/B:C)
Click HERE for more information and discussions on this network vulnerability scan.
|