Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0248

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2001-0248
Last Modified 10 Sep 2008 03:07:35
Published 18 Jun 2001 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-0248

Summary

Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which uses glob to generate long strings.

Vulnerable Systems

Operating System

  • Hp-ux 10.00

  • Hp-ux 10.10

  • Hp-ux 10.20

  • Hp-ux 10.30

  • Hp-ux 11.00


References

CERT - CA-2001-07

BID - 2552

XF - ftp-glob-expansion(6332)

NAI - 20010409 Globbing Vulnerabilities in Multiple FTP Daemons


Last Updated: 27 May 2016 10:36:12