TFTP Directory Permissions (HP Ignite-UX) Network Vulnerability

Summary

The remote host has a vulnerable version of the HP Ignite-UX application installed that exposes a world-writeable directory to anonymous TFTP access.

Solution

Upgrade to a version of the Ignite-UX application that does not exhibit this behaviour. If it is not required, disable or uninstall the TFTP server. Otherwise restrict access to trusted sources only.

References

http://www.corsaire.com/advisories/c041123-002.txt

Updated on 2015-03-25

Severity

Classification

CVE CVE-2004-0952

CVSS	Base Score: 6.4 AV:N/AC:L/Au:N/C:N/I:P/A:P

Related Vulnerabilities

Apache Tomcat Multiple Vulnerabilities-01 (Nov14)
Apple Safari Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability (Windows)
Apache Tomcat AJP Request Remote Denial Of Service Vulnerability
Apple Safari Secure Cookie Security Bypass Vulnerability (Windows)
Apple Safari JavaScript Implementation Information Disclosure Vulnerability (Windows)

TFTP directory permissions (HP Ignite-UX)

Take action and discover your vulnerabilities