HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the add_new_client command, causes the TFTP server to set world-writable permissions on part of the directory tree, which allows remote malicious users to modify data or cause disk consumption.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
hp hp-ux 11.11 |
||
hp hp-ux 11.22 |
||
hp hp-ux 11.00 |
||
hp hp-ux 11.23 |