var-200711-0181
Vulnerability from variot
Unspecified vulnerability in Hitachi JP1/File Transmission Server/FTP 01-00 through 08-10-01 allows remote attackers to bypass authentication and "view files" via unspecified vectors. Attackers can exploit this issue to bypass security restrictions and obtain potentially sensitive information that could aid in further attacks.
2003: 2,700 advisories published 2004: 3,100 advisories published 2005: 4,600 advisories published 2006: 5,300 advisories published
How do you know which Secunia advisories are important to you?
The Secunia Vulnerability Intelligence Solutions allows you to filter and structure all the information you need, so you can address issues effectively.
Get a free trial of the Secunia Vulnerability Intelligence Solutions: http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv
TITLE: JP1/File Transmission Server/FTP Authentication Bypass and DoS
SECUNIA ADVISORY ID: SA27735
VERIFY ADVISORY: http://secunia.com/advisories/27735/
CRITICAL: Moderately critical
IMPACT: Security Bypass, DoS
WHERE:
From remote
SOFTWARE: Hitachi JP1/File Transmission Server/FTP http://secunia.com/product/3821/
DESCRIPTION: Two vulnerabilities have been reported in JP1/File Transmission Server/FTP, which can be exploited by malicious users to cause a DoS (Denial of Service) and by malicious people to bypass certain security restrictions.
The vulnerability affects HP-UX, HP-UX(IPF), AIX, Solaris, Linux, Linux(IPF), HP-UX(English version), and HI-UX/WE2.
2) An error in the processing of an unspecified FTP command can be exploited to stop the FTP service via a specially crafted file.
The vulnerability affects Windows(x86), Windows(IPF), Windows(English version), and Windows9X.
SOLUTION: Update to the latest versions (please see vendor advisories for details).
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: http://www.hitachi-support.com/security_e/vuls_e/HS07-037_e/index-e.html http://www.hitachi-support.com/security_e/vuls_e/HS07-038_e/index-e.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200711-0181",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "jp1/file transmission server/ftp",
"scope": "eq",
"trust": 1.8,
"vendor": "hitachi",
"version": "08-00-02"
},
{
"model": "jp1/file transmission server/ftp",
"scope": "eq",
"trust": 1.8,
"vendor": "hitachi",
"version": "08-00-01"
},
{
"model": "jp1/file transmission server/ftp",
"scope": "eq",
"trust": 1.8,
"vendor": "hitachi",
"version": "08-01-01"
},
{
"model": "jp1/file transmission server/ftp",
"scope": "eq",
"trust": 1.8,
"vendor": "hitachi",
"version": "08-01-02"
},
{
"model": "jp1/file transmission server/ftp",
"scope": "eq",
"trust": 1.8,
"vendor": "hitachi",
"version": "08-00-03"
},
{
"model": "jp1/file transmission server/ftp",
"scope": "ne",
"trust": 1.8,
"vendor": "hitachi",
"version": "08-10-02"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.6,
"vendor": "hitachi",
"version": "06_00_c"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.6,
"vendor": "hitachi",
"version": "06_00_b"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.6,
"vendor": "hitachi",
"version": "06_01_e"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.6,
"vendor": "hitachi",
"version": "07_00"
},
{
"model": "jp1/file transmission server/ftp 07-10-/a",
"scope": null,
"trust": 1.5,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "08-01-03"
},
{
"model": "jp1/file transmission server/ftp",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "07-50-01"
},
{
"model": "jp1/file transmission server/ftp",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "07-50"
},
{
"model": "jp1/file transmission server/ftp",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "jp1/file transmission server/ftp",
"scope": "ne",
"trust": 1.2,
"vendor": "hitachi",
"version": "07-50-03"
},
{
"model": "jp1/file transmission server/ftp",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "06-00"
},
{
"model": "jp1/file transmission server/ftp",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "08-10"
},
{
"model": "jp1/file transmission server/ftp",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "07-50-02"
},
{
"model": "jp1/file transmission server/ftp",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "08-10-01"
},
{
"model": "jp1/file transmission server/ftp",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "jp1/file transmission server/ftp",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "08-01"
},
{
"model": "jp1/file transmission server/ftp",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "08-00"
},
{
"model": "jp1/file transmission server/ftp",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "08-00-04"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "07_20"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "08_00_01"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "06_00_a"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "07_00_a"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "06_01"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "07_11_a"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "05_10_b"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "05_10_h"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "08_00_03"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "06_02"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "07_00_b"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "05_00"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "06_02_e"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "07_50_02"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "06_00_d"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "06_00"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "08_00"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "08_00_02"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "07_10"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "05_10_a"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "08_01"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "08_00_05"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "07_20_a"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "08_01_02"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "08_01_04"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "07_20_b"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "07_50_03"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "06_02_c"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "06_02_d"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "06_02_f"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "05_10_c"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "07_10_b"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "06_01_a"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "07_10_c"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "06_01_c"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "08_00_04"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "06_02_a"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "05_10_e"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "07_10_a"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "06_01_b"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "05_10_f"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "08_01_03"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "08_10_01"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "06_02_g"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "05_10_g"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "06_02_b"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "05_10_d"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "07_50_04"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "07_50_01"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "07_11"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "06_00_e"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "08_01_01"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "06_01_d"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "05_10"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "06_00_f"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "07_50"
},
{
"model": "jp1 file transmission server",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "01_00"
},
{
"model": "jp1/file transmission server/ftp 06-00-/b",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp 06-02-/c",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp 07-00-/a",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "06-02"
},
{
"model": "jp1/file transmission server/ftp 06-00-/c",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp 06-02-/a",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp 06-00-/a",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp 06-02-/b",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp 06-02-/d",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp 06-02-/e",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp 06-01-/b",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp 07-10-/b",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp 06-02-/f",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "05-10"
},
{
"model": "jp1/file transmission server/ftp 05-10-/b",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp 06-00-/e",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp 06-01-/c",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-01"
},
{
"model": "jp1/file transmission server/ftp 05-10-/a",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp 06-00-/d",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp 05-10-/c",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp 06-01-/a",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-01-04"
},
{
"model": "jp1/file transmission server/ftp",
"scope": "ne",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-50-05"
},
{
"model": "jp1/file transmission server/ftp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-50-03"
},
{
"model": "jp1/file transmission server/ftp 07-11-/a",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-01-"
},
{
"model": "jp1/file transmission server/ftp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00-"
},
{
"model": "jp1/file transmission server/ftp 06-00-/f",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp 07-10-/b hp-ux",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "jp1/file transmission server/ftp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-11"
},
{
"model": "jp1/file transmission server/ftp 05-10-/d",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-01-04"
},
{
"model": "jp1/file transmission server/ftp (linux ip",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00-04-"
},
{
"model": "jp1/file transmission server/ftp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-10-"
},
{
"model": "jp1/file transmission server/ftp 06-01-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-00"
},
{
"model": "jp1/file transmission server/ftp 07-20-/b (linux ip",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00-05"
},
{
"model": "jp1/file transmission server/ftp 06-02-/g",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-50-02"
},
{
"model": "jp1/file transmission server/ftp 07-00-/b",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-10-01"
},
{
"model": "jp1/file transmission server/ftp hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-01"
},
{
"model": "jp1/file transmission server/ftp 07-20-/a",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp 07-20-/c",
"scope": "ne",
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp (hp-ux engli",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00-"
},
{
"model": "jp1/file transmission server/ftp (linux ip",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-01-03-"
},
{
"model": "jp1/file transmission server/ftp hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00-04"
},
{
"model": "jp1/file transmission server/ftp (hp-ux engli",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00-"
},
{
"model": "jp1/file transmission server/ftp 05-10-/f",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp 05-10-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp (hp-ux engli",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-50-"
},
{
"model": "jp1/file transmission server/ftp (hp-ux engli",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-00-"
},
{
"model": "jp1/file transmission server/ftp 05-10-/h",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp (linux ip",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-10-01-"
},
{
"model": "jp1/file transmission server/ftp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00-"
},
{
"model": "jp1/file transmission server/ftp (hp-ux en",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00-01-"
},
{
"model": "jp1/file transmission server/ftp 07-10-/c",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "01-00"
},
{
"model": "jp1/file transmission server/ftp hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-10"
},
{
"model": "jp1/file transmission server/ftp 07-00-/a hp-ux",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp 05-10-/g",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-20-"
},
{
"model": "jp1/file transmission server/ftp hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-50"
},
{
"model": "jp1/file transmission server/ftp hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "jp1/file transmission server/ftp 06-01-/d",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/file transmission server/ftp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-50-04"
}
],
"sources": [
{
"db": "BID",
"id": "26530"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000999"
},
{
"db": "CNNVD",
"id": "CNNVD-200711-376"
},
{
"db": "NVD",
"id": "CVE-2007-6145"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:hitachi:jp1_file_transmission_server_ftp",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000999"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor disclosed this issue.",
"sources": [
{
"db": "BID",
"id": "26530"
},
{
"db": "CNNVD",
"id": "CNNVD-200711-376"
}
],
"trust": 0.9
},
"cve": "CVE-2007-6145",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2007-6145",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2007-000999",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-6145",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "IPA",
"id": "JVNDB-2007-000999",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200711-376",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000999"
},
{
"db": "CNNVD",
"id": "CNNVD-200711-376"
},
{
"db": "NVD",
"id": "CVE-2007-6145"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in Hitachi JP1/File Transmission Server/FTP 01-00 through 08-10-01 allows remote attackers to bypass authentication and \"view files\" via unspecified vectors. \nAttackers can exploit this issue to bypass security restrictions and obtain potentially sensitive information that could aid in further attacks. \n\n----------------------------------------------------------------------\n\n2003: 2,700 advisories published\n2004: 3,100 advisories published\n2005: 4,600 advisories published\n2006: 5,300 advisories published\n\nHow do you know which Secunia advisories are important to you?\n\nThe Secunia Vulnerability Intelligence Solutions allows you to filter\nand structure all the information you need, so you can address issues\neffectively. \n\nGet a free trial of the Secunia Vulnerability Intelligence Solutions:\nhttp://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv\n\n----------------------------------------------------------------------\n\nTITLE:\nJP1/File Transmission Server/FTP Authentication Bypass and DoS\n\nSECUNIA ADVISORY ID:\nSA27735\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/27735/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nSecurity Bypass, DoS\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nHitachi JP1/File Transmission Server/FTP\nhttp://secunia.com/product/3821/\n\nDESCRIPTION:\nTwo vulnerabilities have been reported in JP1/File Transmission\nServer/FTP, which can be exploited by malicious users to cause a DoS\n(Denial of Service) and by malicious people to bypass certain\nsecurity restrictions. \n\nThe vulnerability affects HP-UX, HP-UX(IPF), AIX, Solaris, Linux,\nLinux(IPF), HP-UX(English version), and HI-UX/WE2. \n\n2) An error in the processing of an unspecified FTP command can be\nexploited to stop the FTP service via a specially crafted file. \n\nThe vulnerability affects Windows(x86), Windows(IPF), Windows(English\nversion), and Windows9X. \n\nSOLUTION:\nUpdate to the latest versions (please see vendor advisories for\ndetails). \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttp://www.hitachi-support.com/security_e/vuls_e/HS07-037_e/index-e.html\nhttp://www.hitachi-support.com/security_e/vuls_e/HS07-038_e/index-e.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-6145"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000999"
},
{
"db": "BID",
"id": "26530"
},
{
"db": "PACKETSTORM",
"id": "61096"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-6145",
"trust": 2.7
},
{
"db": "BID",
"id": "26530",
"trust": 2.7
},
{
"db": "SECUNIA",
"id": "27735",
"trust": 2.6
},
{
"db": "HITACHI",
"id": "HS07-037",
"trust": 2.0
},
{
"db": "VUPEN",
"id": "ADV-2007-3957",
"trust": 1.6
},
{
"db": "OSVDB",
"id": "42353",
"trust": 1.6
},
{
"db": "XF",
"id": "38610",
"trust": 1.4
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000999",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200711-376",
"trust": 0.6
},
{
"db": "HITACHI",
"id": "HS07-038",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "61096",
"trust": 0.1
}
],
"sources": [
{
"db": "BID",
"id": "26530"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000999"
},
{
"db": "PACKETSTORM",
"id": "61096"
},
{
"db": "CNNVD",
"id": "CNNVD-200711-376"
},
{
"db": "NVD",
"id": "CVE-2007-6145"
}
]
},
"id": "VAR-200711-0181",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.1765352357142857
},
"last_update_date": "2024-11-23T22:14:53.237000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HS07-037",
"trust": 0.8,
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-037_e/index-e.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000999"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000999"
},
{
"db": "NVD",
"id": "CVE-2007-6145"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://secunia.com/advisories/27735"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/26530"
},
{
"trust": 2.0,
"url": "http://www.hitachi-support.com/security_e/vuls_e/hs07-037_e/index-e.html"
},
{
"trust": 1.6,
"url": "http://osvdb.org/42353"
},
{
"trust": 1.4,
"url": "http://www.frsirt.com/english/advisories/2007/3957"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/38610"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/3957"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38610"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6145"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-6145"
},
{
"trust": 0.3,
"url": "http://www.hds.com/products/storage-software/hitachi-device-manager.html"
},
{
"trust": 0.3,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/global/prod/jp1/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv"
},
{
"trust": 0.1,
"url": "http://www.hitachi-support.com/security_e/vuls_e/hs07-038_e/index-e.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3821/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/27735/"
}
],
"sources": [
{
"db": "BID",
"id": "26530"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000999"
},
{
"db": "PACKETSTORM",
"id": "61096"
},
{
"db": "CNNVD",
"id": "CNNVD-200711-376"
},
{
"db": "NVD",
"id": "CVE-2007-6145"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "26530"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000999"
},
{
"db": "PACKETSTORM",
"id": "61096"
},
{
"db": "CNNVD",
"id": "CNNVD-200711-376"
},
{
"db": "NVD",
"id": "CVE-2007-6145"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-11-22T00:00:00",
"db": "BID",
"id": "26530"
},
{
"date": "2008-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000999"
},
{
"date": "2007-11-26T16:56:43",
"db": "PACKETSTORM",
"id": "61096"
},
{
"date": "2007-11-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200711-376"
},
{
"date": "2007-11-27T19:46:00",
"db": "NVD",
"id": "CVE-2007-6145"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-12-18T20:05:00",
"db": "BID",
"id": "26530"
},
{
"date": "2008-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000999"
},
{
"date": "2007-11-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200711-376"
},
{
"date": "2024-11-21T00:39:27.813000",
"db": "NVD",
"id": "CVE-2007-6145"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200711-376"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Hitachi JP1/File Transmission Server/FTP Authentication Bypass Vulnerability",
"sources": [
{
"db": "BID",
"id": "26530"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000999"
}
],
"trust": 1.1
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200711-376"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…