Summary
The remote host has a vulnerable version of the HP Ignite-UX application installed that exposes a world-writeable directory to anonymous TFTP access.
Solution
Upgrade to a version of the Ignite-UX application that does not exhibit this behaviour. If it is not required, disable or uninstall the TFTP server. Otherwise restrict access to trusted sources only.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2004-0952 -
CVSS Base Score: 6.4
AV:N/AC:L/Au:N/C:N/I:P/A:P
Related Vulnerabilities
- Adobe Reader 'file://' URL Information Disclosure Vulnerability Feb07 (Windows)
- Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 Feb14 (Windows)
- Apache Tomcat Remote Code Execution Vulnerability - Sep14
- Active Perl CGI.pm 'Set-Cookie' and 'P3P' HTTP Header Injection Vulnerability (Win)
- Adobe Reader Old Plugin Signature Bypass Vulnerability (Windows)