Stack-based Buffer Overflow in HP-UX FTP Daemon Exposes Security Flaw
CVE-2004-1332

Currently unrated

Key Information:

Vendor: HP
Status: HP-ux Series 800; HP-ux; Sis; Vvos
Vendor: CVE Published:; 31 December 2004

Summary

A stack-based buffer overflow vulnerability exists in the FTP daemon of HP-UX 11.11i when the daemon is run with the -v (debug) option. This flaw allows remote attackers to send specially crafted long command requests that can trigger the overflow, potentially leading to arbitrary code execution on the affected system. It is crucial for organizations using this version of HP-UX to apply security patches and mitigate risks associated with this vulnerability.

References

http://marc.info/?l=bugtraq&m=110797179710695&w=2

vendor-advisoryx_refsource_HP

http://securitytracker.com/id?1012650

vdb-entryx_refsource_SECTRACK

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Jan 6, 2005
Vulnerability published
Dec 31, 2004