Default FTP Configuration in HP Visualize Conference Allows Unauthorized File Transfer
CVE-1999-0707

Currently unrated

Key Information:

Vendor: HP
Status: Visualize Conference Ftp
Vendor: CVE Published:; 1 July 1999

Summary

The HP Visualize Conference software has an improper default configuration for its FTP service, enabling conference users to send files to other participants without proper authorization. This flaw can potentially facilitate unwanted data exchange between users, leading to a breach of confidentiality. Administrators should review their FTP settings and ensure that proper access controls are in place to prevent unauthorized file transfers and maintain the integrity of the conversation.

References

http://www.securityfocus.com/bid/493

vdb-entryx_refsource_BID

http://www.ciac.org/ciac/bulletins/j-050.shtml

third-party-advisorygovernment-resourcex_refsource_CIAC

http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=H...

vendor-advisoryx_refsource_HP

Timeline

Vulnerability Reserved
Nov 25, 1999
Vulnerability published
Jul 1, 1999