CVE-2004-0952 — HP Hp-ux vulnerability

3 documents3 sources

Severity

6.4MEDIUMNVD

EPSS

1.7%

top 17.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

HP Hp-ux

Timeline

PublishedDec 31

Latest updateApr 29

Description

HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the add_new_client command, causes the TFTP server to set world-writable permissions on part of the directory tree, which allows remote attackers to modify data or cause disk consumption.

CVSS vector

AV:N/AC:L/C:N/I:P/A:PExploitability: 10.0 | Impact: 4.9

Affected Packages1 packages

▶NVDhp/hp-ux4 versions+3

Patches

Patch: secunia.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-f989-7mm7-7q3r: HP-UX B↗2022-04-29

▶

CVEList

CVE-2004-0952: HP-UX B↗2005-08-19

▶