ISS X-Force Database: hpigniteux-makerecovery-bypass-security(21858): HP Ignite UX make

HP Ignite UX make_recovery bypass security

hpigniteux-makerecovery-bypass-security (21858)

High Risk

Description:

Hewlett-Packard Ignite-UX could allow an attacker to bypass security. A remote attacker can send a request to the make_recovery command, which creates a copy of the /etc/passwd file in the TFTP server directory tree and could allow the attacker anonymous access.

Note: The make_recovery command has been removed since version C.6.0, but the password file may still exist in the TFTP server directory tree if an older version has been used before.

Platforms Affected:

HP, HP-UX B.11.00
HP, HP-UX B.11.11
HP, HP-UX B.11.22
HP, HP-UX B.11.23
HP, Ignite-UX

Remedy:

For HP-UX:
Apply patch Ignite-UX-11-00_c.62241, available from the Hewlett-Packard Company Web site. Hewlett-Packard customers can obtain a fix for this vulnerability from the IT Resource Center at the Hewlett-Packard Company Web site. See References.

Consequences:

Bypass Security

References:

CIAC INFORMATION BULLETIN P-277, HP-UX Ignite-UX Remote Unauthorized Access at http://www.ciac.org/ciac/bulletins/p-277.shtml.
Hewlett-Packard Company Web site, IT Resource Center - login / register at http://www1.itrc.hp.com/service/cki/secBullArchive.do?admit=-682735245+1116276188578+28353475.
Ignite-UX Product page, Hewlett-Packard Co. at http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=IGNITEUXB.
BID-14568: HP Ignite-UX Password File Disclosure Vulnerability
CVE-2004-0951: The make_recovery command for the TFTP server in HP Ignite-UX before C.6.2.241 makes a copy of the password file in the TFTP directory tree, which allows remote attackers to obtain sensitive information.
SA16456: HP Ignite-UX TFTP Service Two Vulnerabilities
SECTRACK ID: 1014711: HP-UX Ignite-UX File Permission Flaw May Let Remote Users Access and Modify Ignite-UX Client Data

Reported:

Aug 16, 2005

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page