Moole Vulnerability Database

Find real vulnerabilities before they ship

Critical

CVE-2001-0249

Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the LIST command, which uses glob to generate long strings.

VectorNETWORK

PublishedJun 18, 2001, 04:00

Published Bycve@mitre.org

Base Score

Score9.8

Affected Versions

No affected versions found.

References

http://www.cert.org/advisories/CA-2001-07.html
http://www.nai.com/research/covert/advisories/048.asp
http://www.securityfocus.com/bid/2550
https://exchange.xforce.ibmcloud.com/vulnerabilities/6332

Weakness Type

CWE-131

CVSS Metrics

Base Score

9.8

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Base SeverityCritical

Version

3.1

Attack Vector (AV)

NETWORK