Intrusion Prevention



It indicates a possible exploit of a directory listing vulnerability in the FTP server in HP-UX that may allow remote attackers to list arbitrary directories as root by running the LIST command before logging in.

Affected Products

HP HP-UX 11.0 4
HP HP-UX 11.0
HP HP-UX 10.20
HP HP-UX B.11.11
HP HP-UX B.11.04
HP HP-UX B.11.00


Information disclosure.

Recommended Actions

Refer to the vendor's web site for suggested workaround.

CVE References

CVE-2008-5626 CVE-2005-3296