Re: FTP "|" Vulnerability

Robin King_1 · ‎02-04-2003

I have been asked to investigate the reported vulnerability with ftp and "|" when used in the filename.

http://online.securityfocus.com/bid/396/discussion/

I can't seem to find a relevant patch in the database, can anyone advise the patches I should be looking for. I need to patch 10.20 and 11.0

Thanks!

Bill McNAMARA_1 · ‎02-04-2003

enter ftp in at this link:
http://www4.itrc.hp.com/service/cki/enterService.do?category=c1s9

Although I believe that issue is as old as the hills, I think with a recent QPK you'll be just fine.

Later,
Bill

It works for me (tm)

U.SivaKumar_2 · ‎02-04-2003

Hi,

These patches will fix that.( check for any superseded patches if any )

HP-UX release 10.20 PHNE_13597
HP-UX release 10.20 PHNE_15544
HP-UX release 11.00 PHNE_14479

you can get this patches from this site itself.

regards,

U.SivaKumar

Innovations are made when conventions are broken

Robin King_1 · ‎02-04-2003

Thanks both of you, just found this on the Security Focus website.

Install the applicable patches for the fileset: InternetSrvcs.INETSVCS-RUN or InternetSrvcs.INET-ENG-A-MAN.

HP-UX release 10.0,10.01,10.10 PHNE_13596
HP-UX release 10.16 PHNE_16006
HP-UX release 10.20 PHNE_13597
HP-UX release 10.24 PHNE_15802
HP-UX release 11.00 PHNE_14479

Mark Greene_1 · ‎02-04-2003

Be aware that patch PHNE_14479 has been superceded by PHNE_23949.

mark

the future will be a lot like now, only later

Categories

Company

Local Language

Community

Resources

Other HPE Sites

Forums

Blogs

Re: FTP "|" Vulnerability

FTP "|" Vulnerability