CVE-2004-0952 Information

Description

HP-UX B.11.00 through B.11.23 when running Ignite-UX and using the add_new_client command causes the TFTP server to set world-writable permissions on part of the directory tree which allows remote attackers to modify data or cause disk consumption.

Reference

http://marc.info/?l=bugtraq&m=112420609211136&w=2 http://marc.info/?l=bugtraq&m=112422597529112&w=2 http://secunia.com/advisories/16456/ http://securitytracker.com/id?1014711 https://exchange.xforce.ibmcloud.com/vulnerabilities/21857 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A5775