oval:org.mitre.oval:def:5971

Definition Id: oval:org.mitre.oval:def:5971

Oval ID:	oval:org.mitre.oval:def:5971
Title:	HP-UX Running ftpd, Remote Privileged Access
Description:	ftpd.c in (1) wu-ftpd 2.4.2 and (2) ftpd in HP HP-UX B.11.11 assigns uid 0 to the FTP client in certain operating-system misconfigurations in which PAM authentication can succeed even though no passwd entry is available for a user, which allows remote attackers to gain privileges, as demonstrated by a login attempt for an LDAP account when nsswitch.conf does not specify LDAP for passwd information.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2008-1668	Version:	3
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
HP Release B.11.11 AND InternetSrvcs.INETSVCS-RUN is installed AND NOT Patch PHNE_38458 is installed