TFTP: HP Ignite-UX Password File Retrieval

This signature detects retrieval of the system password file through TFTP. By default, HP Ignite-UX maintains a copy of the system password file in a known location. Malicious users can retrieve the password file and attempt to gain administrative access to the system.

Extended Description

During installation, Ignite-UX can use a TFTP server for remote access. Under some circumstances, a copy of the passwd file will be stored in the TFTP server path.

Affected Products

Hp hp-ux

Short Name
TFTP:FILE:PASSWD-MAKREC
Severity
Major
Recommended
False
Recommended Action
Drop
Category
TFTP
Keywords
CVE-2004-0951 File HP Ignite-UX Password Retrieval bid:14568
Release Date
09/12/2005
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3375
False Positive
Unknown
Vendors

Hp

CVSS Score

7.5

Found a potential security threat?