Software Engineering Institute

The HP-UX FTP daemon (ftpd) is vulnerable to a buffer overflow when the FTP daemon is configured to log debugging information. Debug logging is enabled if the -v flag is present next to the ftpd entry in the inetd.conf (/etc/inetd.conf) configuration file. If an unauthenticated remote attacker supplies the FTP daemon with a specially crafted command, they may be able to trigger a stack-based buffer overflow.

Please note that the debug logging option is disabled by default.

If an unauthenticated, remote attacker supplies the FTP daemon with a specially crafted command, that attacker may be able to execute arbitrary code with the privileges of the FTP daemon, typically root.

Apply Patch

HP has released the following patches to correct this issue:

HP-UX B.11.00: PHNE_29460
HP-UX B.11.04: PHNE_31034
HP-UX B.11.11: PHNE_29461
HP-UX B.11.22: PHNE_29462

HP customers are encouraged to go to the lT Resource Center to download these patches.

Disable Debug Logging

The debug logging option is disabled by default. However, if it is enabled, disable it by removing the -v option from the ftpd command within the service inetd.conf configuration file.