716 matches found
TFTP File Detection (HP Ignite-UX passwd) - Active Check
The remote host has a vulnerable version of the HP Ignite-UX application installed that exposes the /etc/passwd file to anonymous TFTP access. SPDX-FileCopyrightText: 2005 Corsaire Limited Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...
HP Ignite-UX TFTP File Access Information Disclosure
The remote host has a TFTP server installed that is serving one or more HP Ignite-UX files. These files may contain sensitive information. A remote attacker could use this information to mount further attacks. This NASL script was written by Martin O'Neal of Corsaire http://www.corsaire.com The...
HP Ignite-UX TFTP /etc/pass File Disclosure
The remote host has a vulnerable version of the HP Ignite-UX application installed that exposes the /etc/passwd file to anonymous TFTP access. A remote attacker could use this information to mount further attacks. This NASL script was written by Martin O'Neal of Corsaire http://www.corsaire.com T...
HP-UX Ignite-UX TFTP Service Remote File Manipulation
The remote host has a vulnerable version of the HP Ignite-UX application installed that exposes a world-writeable directory to anonymous TFTP access. A remote attacker could exploit this to upload arbitrary files. This NASL script was written by Martin O'Neal of Corsaire http://www.corsaire.com T...
CVE-2004-0951
The makerecovery command for the TFTP server in HP Ignite-UX before C.6.2.241 makes a copy of the password file in the TFTP directory tree, which allows remote attackers to obtain sensitive information...
CVE-2004-0952
HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the addnewclient command, causes the TFTP server to set world-writable permissions on part of the directory tree, which allows remote attackers to modify data or cause disk consumption...
CVE-2004-0952
Affected software : HP-UX B.11.00–B.11.23 running Ignite-UX. Vulnerability : the add_new_client operation in Ignite-UX causes the TFTP server to grant world-writable permissions to part of the directory tree. Impact : remote attackers could modify data or trigger disk consumption via unauthorized...
CVE-2004-0951
HP Ignite-UX: The TFTP service’s make_recovery command (pre-C.6.2.241) copies the password file within the TFTP directory tree, enabling remote disclosure of /etc/passwd. Affected: HP-UX Ignite-UX TFTP server. Impact: partial confidentiality. Remediation: upgrade to C.6.2.241 or later (HP Ignite-...
Corsaire Security Advisory: HP Ignite-UX filesystem permissions issue
-- Corsaire Security Advisory -- Title: HP Ignite-UX filesystem permissions issue Date: 23.11.04 Application: HP Ignite-UX prior to version C.6.2.241 Environment: HP-UX Author: Martin O'Neal [email protected] Audience: General distribution Reference: c041123-002 -- Scope -- The aim of thi...
[security bulletin] SSRT4874 rev.0 - HP-UX Ignite-UX Remote Unauthorized Access
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 HP SECURITY BULLETIN HPSBUX01219 REVISION: 0 SSRT4874 rev.0 - HP-UX Ignite-UX Remote Unauthorized Access NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. INITIAL RELEASE: 15 August 2005 POTENTIAL SECURITY...
Multiple HP Ignite-UX deployment tool vulnerabilities
/etc/passwd copy is available via TFTP, TFTP filesystem is world writable...
CVE-2004-0951
The makerecovery command for the TFTP server in HP Ignite-UX before C.6.2.241 makes a copy of the password file in the TFTP directory tree, which allows remote attackers to obtain sensitive information...
CVE-2004-0952
HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the addnewclient command, causes the TFTP server to set world-writable permissions on part of the directory tree, which allows remote attackers to modify data or cause disk consumption...
CVE-2000-0159
CVE-2000-0159 affects HP Ignite-UX. The issue: when imaging a trusted system, Ignite-UX does not save /etc/passwd, which can leave the password field blank and enable privilege escalation. The description and connected documents confirm the vulnerable component and the underlying behavior, but do...
CVE-2000-0159
HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker to gain privileges...
CVE-2000-0159
HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker to gain privileges...