TFTP File Detection (HP Ignite-UX Passwd) Network Vulnerability

Summary

The remote host has a vulnerable version of the HP Ignite-UX application installed that exposes the /etc/passwd file to anonymous TFTP access.

Solution

Upgrade to a version of the Ignite-UX application that does not exhibit this behaviour. If it is not required, disable or uninstall the TFTP server. Otherwise restrict access to trusted sources only.

References

http://www.corsaire.com/advisories/c041123-001.txt

Updated on 2015-03-25

Severity

Classification

CVE CVE-2004-0951

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Adobe AIR Multiple Vulnerabilities -01 Feb13 (Linux)
Adobe Acrobat Multiple Vulnerabilities -01 Jan 13 (Mac OS X)
Adobe Dreamweaver Insecure Library Loading Vulnerability
Adobe Air Multiple Vulnerabilities -01 August 12 (Mac OS X)
Adobe Air Multiple Vulnerabilities - October 12 (Windows)

TFTP file detection (HP Ignite-UX passwd)

Take action and discover your vulnerabilities