CVE-2005-3296
7.1 High
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.054 Low
EPSS
Percentile
93.1%
The FTP server in HP-UX 10.20, B.11.00, and B.11.11, allows remote attackers to list arbitrary directories as root by running the LIST command before logging in.
References
cert.uni-stuttgart.de/archive/bugtraq/2005/11/msg00126.html
securitytracker.com/id?1015158
www.frsirt.com/exploits/20051019.hpux_ftpd_preauth_list.pm.php
www.securityfocus.com/bid/15138
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1029
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1212
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1276
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1439
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1472
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A410
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A421
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A438
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A593
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A615
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A767
Related
7.1 High
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.054 Low
EPSS
Percentile
93.1%