• info
• discussion
• exploit
• solution
• references

HP Ignite-UX TFTP File Upload Vulnerability

Solution:
Apply the HP Ignite-UX version C.6.2.241 patches. HP has made patches available to HP-UX administrators for versions B.11.0, B.11.11, B.11.22, and B.11.23 (patch Ignite-UX_All_C.6.2.241.depot contains fixes for all four) at http://www.hp.com/go/softwaredepot. See the advisory in the reference section for complete details:

HP has updated advisory HPSBUX01219 (SSRT4874 rev.1 - HP-UX Ignite-UX Remote Unauthorized Access) to include manual workarounds to address this issue. Please see the referenced advisory for more information.


HP HP-UX B.11.23

• HP Ignite-UX-11-23_C.6.2.241_HP-UX_B.11.00_32+64.depot
  

HP HP-UX B.11.11

• HP Ignite-UX-11-11_C.6.2.241_HP-UX_B.11.00_32+64.depot
  

HP HP-UX B.11.00

• HP Ignite-UX-11-00_C.6.2.241_HP-UX_B.11.00_32+64.depot
  

HP HP-UX B.11.22

• HP Ignite-IA-11-22_C.6.2.241_HP-UX_B.11.00_32+64.depot