
Security Vulnerability with ftp on HP-UX
HPSBUX9807-079
Published: 1998-07-22 00:00:00
Updated: 1998-07-22 00:00:00

Document ID:  HPSBUX9807-079
Date Loaded:  19980722
      Title:  Security Vulnerability with ftp on HP-UX

-------------------------------------------------------------------------
PROBLEM: The ftp client interprets server-provided filenames, which can
         cause commands to be run on the client.

PLATFORM: HP9000 series 700/800, HP-UX releases 9.X, 10.X, and 11.00

DAMAGE:   Local users can increase their privileges

SOLUTION: Install the patches listed below.

AVAILABILITY: All patches are available now, except as noted.

-------------------------------------------------------------------------
I.
   A. Background

   The ftp client can be tricked into running arbitrary commands
   supplied by the remote server.

   B. Fixing the problem

   Install the applicable patches for the fileset: ARPA-RUN ARPA-MAN
         HP-UX release   9.X                 PHNE_13595

   Install the applicable patches for the fileset:
   InternetSrvcs.INETSVCS-RUN or InternetSrvcs.INET-ENG-A-MAN.

         HP-UX release   10.0,10.01,10.10    PHNE_13596
         HP-UX release   10.16               PHNE_16006 *
         HP-UX release   10.20               PHNE_13597
         HP-UX release   10.24               PHNE_15802
         HP-UX release   11.00               PHNE_14479

   * The patch for the CMW release (HP-UX 10.16) will be available
     after 10 August 98.

   Install the applicable patches for the fileset:
   InternetSvcSec.INETSVCS-SEC or InternetSvcSec.ISEC-ENG-A-MAN,
   (Secure Internet Services),
         HP-UX release   10.20               PHNE_15544


   C. Recommended solution - Install the applicable patches.
      NOTE: The Secure Internet Services product, if enabled, has to
            be disabled before the installation and removal of
            patch PHNE_15544 for HP-UX 10.20.
            If Secure Internet Services is enabled during patch
            installation, the installation will fail with an error.
      NOTE: On the HP-UX 11.00 release patch only:
            This version of FTP has some new configuration files that
            can be used to take advantage of new functionality. Samples
            of the new configuration files are provided in
            /usr/newconfig/etc/ftpd.
            These files can be altered per your needs and copied
            to the location /etc/ftpd.  Information on the new
            features introduced by this new version of ftpd is in
            the file:
                  /usr/share/doc/RelNotes_newftp.txt







 
