ftpd.c in (1) wu-ftpd 2.4.2 and (2) ftpd in HP HP-UX B.11.11 assigns uid 0 to the FTP client in certain operating-system misconfigurations in which PAM authentication can succeed even though no passwd entry is available for a user, which allows remote attackers to gain privileges, as demonstrated by a login attempt for an LDAP account when nsswitch.conf does not specify LDAP for passwd information.
Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.
| Link | Tags |
|---|---|
| http://www.securitytracker.com/id?1020682 | vdb entry |
| http://www.vupen.com/english/advisories/2008/2364 | vdb entry vendor advisory |
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01525562 | vendor advisory |
| http://www.securityfocus.com/bid/30666 | vdb entry |
| http://www.openwall.com/lists/oss-security/2008/08/20/4 | mailing list |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5971 | vdb entry signature |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/44414 | vdb entry |
| http://secunia.com/advisories/31471 | third party advisory vendor advisory |