CVE-2001-0249

9.8CRITICAL

Key Information:

Vendor: HP
Status: Sunos; Solaris
Vendor: CVE Published:; 18 June 2001

Summary

Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the LIST command, which uses glob to generate long strings.

References

http://www.nai.com/research/covert/advisories/048.asp

vendor-advisoryx_refsource_NAI

http://www.cert.org/advisories/CA-2001-07.html

third-party-advisoryx_refsource_CERT

http://www.securityfocus.com/bid/2550

vdb-entryx_refsource_BID

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 18, 2001
Vulnerability Reserved
Mar 22, 2001