Turning off FTPchmodable
Results 1 to 2 of 2

Thread: Turning off FTPchmodable

  1. #1
    Member
    Join Date
    Feb 2003
    Posts
    94

    Question Turning off FTPchmodable

    I am working through a scan and some servers that came up with vulnerabilities. One of them is on a HPUX 11.11 (sorry - not Linux me'ah) server that lists the exploit:

    "FTPchmodable: FTP server allows the chmod command to be executed"

    The remedy only states to "Configure your FTP server to not allow users to execute the chmod command"

    What I have found so far is that we need to install & use the WU-FTP instead. Then once, we have WU-FTP we can edit /etc/ftpd/ftpaccess to add:

    "chmod no anonymous, guest, real"

    But is there another or better way?

    Thanks!

  2. #2
    Member
    Join Date
    Feb 2003
    Posts
    94
    Doh!

    Never mind. I found what I was looking for with this one. I tracked it down at:

    http://www.iss.net

    Just put in the error and bada-bing. I cross-referenced with the vendor. It depends on what version of the HPUX OS your system would be running, and depending on that, would hook you up with WU-FTP or the equivalent that then can be edited as stated originally by the remedy.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •