// For flags

CVE-2005-3296

 

Severity Score

10.0
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

2
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The FTP server in HP-UX 10.20, B.11.00, and B.11.11, allows remote attackers to list arbitrary directories as root by running the LIST command before logging in.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2005-10-23 CVE Reserved
  • 2005-10-23 CVE Published
  • 2024-08-07 CVE Updated
  • 2024-08-07 First Exploit
  • 2024-09-29 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
CAPEC
References (15)
URL Tag Source
http://securitytracker.com/id?1015158 Vdb Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1029 Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1212 Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1276 Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1439 Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1472 Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A410 Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A421 Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A438 Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A593 Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A615 Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A767 Signature
URL Date SRC
http://www.frsirt.com/exploits/20051019.hpux_ftpd_preauth_list.pm.php 2024-08-07
http://www.securityfocus.com/bid/15138 2024-08-07
URL Date SRC
URL Date SRC
http://cert.uni-stuttgart.de/archive/bugtraq/2005/11/msg00126.html 2017-10-11
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Hp
Search vendor "Hp"
 Hp-ux
Search vendor "Hp" for product "Hp-ux"
 10.20
Search vendor "Hp" for product "Hp-ux" and version "10.20"
-
Safe
Hp
Search vendor "Hp"
 Hp-ux
Search vendor "Hp" for product "Hp-ux"
 11.00
Search vendor "Hp" for product "Hp-ux" and version "11.00"
-
Safe
Hp
Search vendor "Hp"
 Hp-ux
Search vendor "Hp" for product "Hp-ux"
 11.11
Search vendor "Hp" for product "Hp-ux" and version "11.11"
-
Safe