Lucene search
K

716 matches found

OpenVAS
OpenVAS
added 2006/03/26 12:0 a.m.50 views

TFTP File Detection (HP Ignite-UX passwd) - Active Check

The remote host has a vulnerable version of the HP Ignite-UX application installed that exposes the /etc/passwd file to anonymous TFTP access. SPDX-FileCopyrightText: 2005 Corsaire Limited Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

7.5CVSS5.9AI score0.04464EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2005/08/26 12:0 a.m.193 views

HP Ignite-UX TFTP File Access Information Disclosure

The remote host has a TFTP server installed that is serving one or more HP Ignite-UX files. These files may contain sensitive information. A remote attacker could use this information to mount further attacks. This NASL script was written by Martin O'Neal of Corsaire http://www.corsaire.com The...

5.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/08/26 12:0 a.m.134 views

HP Ignite-UX TFTP /etc/pass File Disclosure

The remote host has a vulnerable version of the HP Ignite-UX application installed that exposes the /etc/passwd file to anonymous TFTP access. A remote attacker could use this information to mount further attacks. This NASL script was written by Martin O'Neal of Corsaire http://www.corsaire.com T...

7.5CVSS5.5AI score0.04464EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2005/08/26 12:0 a.m.43 views

HP-UX Ignite-UX TFTP Service Remote File Manipulation

The remote host has a vulnerable version of the HP Ignite-UX application installed that exposes a world-writeable directory to anonymous TFTP access. A remote attacker could exploit this to upload arbitrary files. This NASL script was written by Martin O'Neal of Corsaire http://www.corsaire.com T...

6.4CVSS5.7AI score0.04615EPSS
Exploits0References2
Cvelist
Cvelist
added 2005/08/19 4:0 a.m.26 views

CVE-2004-0951

The makerecovery command for the TFTP server in HP Ignite-UX before C.6.2.241 makes a copy of the password file in the TFTP directory tree, which allows remote attackers to obtain sensitive information...

6.7AI score0.04464EPSS
Exploits1References5
Cvelist
Cvelist
added 2005/08/19 4:0 a.m.27 views

CVE-2004-0952

HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the addnewclient command, causes the TFTP server to set world-writable permissions on part of the directory tree, which allows remote attackers to modify data or cause disk consumption...

6.7AI score0.04615EPSS
Exploits0References6
CVE
CVE
added 2005/08/19 4:0 a.m.58 views

CVE-2004-0952

Affected software : HP-UX B.11.00–B.11.23 running Ignite-UX. Vulnerability : the add_new_client operation in Ignite-UX causes the TFTP server to grant world-writable permissions to part of the directory tree. Impact : remote attackers could modify data or trigger disk consumption via unauthorized...

6.4CVSS6.7AI score0.04615EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2005/08/19 4:0 a.m.63 views

CVE-2004-0951

HP Ignite-UX: The TFTP service’s make_recovery command (pre-C.6.2.241) copies the password file within the TFTP directory tree, enabling remote disclosure of /etc/passwd. Affected: HP-UX Ignite-UX TFTP server. Impact: partial confidentiality. Remediation: upgrade to C.6.2.241 or later (HP Ignite-...

7.5CVSS6.7AI score0.04464EPSS
Exploits1References5Affected Software1
securityvulns
securityvulns
added 2005/08/17 12:0 a.m.36 views

Corsaire Security Advisory: HP Ignite-UX filesystem permissions issue

-- Corsaire Security Advisory -- Title: HP Ignite-UX filesystem permissions issue Date: 23.11.04 Application: HP Ignite-UX prior to version C.6.2.241 Environment: HP-UX Author: Martin O'Neal [email protected] Audience: General distribution Reference: c041123-002 -- Scope -- The aim of thi...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2005/08/17 12:0 a.m.32 views

[security bulletin] SSRT4874 rev.0 - HP-UX Ignite-UX Remote Unauthorized Access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 HP SECURITY BULLETIN HPSBUX01219 REVISION: 0 SSRT4874 rev.0 - HP-UX Ignite-UX Remote Unauthorized Access NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. INITIAL RELEASE: 15 August 2005 POTENTIAL SECURITY...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2005/08/17 12:0 a.m.25 views

Multiple HP Ignite-UX deployment tool vulnerabilities

/etc/passwd copy is available via TFTP, TFTP filesystem is world writable...

1.6AI score
Exploits0References2
NVD
NVD
added 2004/12/31 5:0 a.m.26 views

CVE-2004-0951

The makerecovery command for the TFTP server in HP Ignite-UX before C.6.2.241 makes a copy of the password file in the TFTP directory tree, which allows remote attackers to obtain sensitive information...

7.5CVSS6.7AI score0.04464EPSS
Exploits1References5
NVD
NVD
added 2004/12/31 5:0 a.m.23 views

CVE-2004-0952

HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the addnewclient command, causes the TFTP server to set world-writable permissions on part of the directory tree, which allows remote attackers to modify data or cause disk consumption...

6.4CVSS6.7AI score0.04615EPSS
Exploits0References6
CVE
CVE
added 2000/04/18 4:0 a.m.51 views

CVE-2000-0159

CVE-2000-0159 affects HP Ignite-UX. The issue: when imaging a trusted system, Ignite-UX does not save /etc/passwd, which can leave the password field blank and enable privilege escalation. The description and connected documents confirm the vulnerable component and the underlying behavior, but do...

7.5CVSS7.3AI score0.01997EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2000/04/18 4:0 a.m.23 views

CVE-2000-0159

HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker to gain privileges...

6.9AI score0.01997EPSS
Exploits0References1
NVD
NVD
added 2000/02/17 5:0 a.m.19 views

CVE-2000-0159

HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker to gain privileges...

7.5CVSS6.9AI score0.01997EPSS
Exploits0References1
Rows per page
Query Builder