Vigil@nce: HP-UX, remote acces with privileges
August 2008 by Vigil@nce
SYNTHESIS
A remote attacker can obtain privilege rights thanks to a
vulnerability inside the ftpd daemon.
Gravity: 3/4
Consequences: privileged access/rights
Provenance: internet client
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 14/08/2008
Identifier: VIGILANCE-VUL-8031
IMPACTED PRODUCTS
– Hewlett-Packard HP-UX [confidential versions]
DESCRIPTION
HP-UX can run a FTP daemon named ftpd.
For now, there is no information about the ftpd vulnerability
published.
A remote attacker can obtain privilege rights thanks to a
vulnerability inside the ftpd daemon.
CHARACTERISTICS
Identifiers: c01525562, CVE-2008-1668, VIGILANCE-VUL-8031