Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0249

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2001-0249
Last Modified 10 Sep 2008 03:07:35
Published 18 Jun 2001 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-0249

Summary

Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the LIST command, which uses glob to generate long strings.

Vulnerable Systems

Operating System

  • Sun Solaris 2.3

  • Sun Solaris 2.4

  • Sun Solaris 2.5

  • Sun Solaris 2.5.1

  • Sun Solaris 2.6

  • Sun Solaris 7.0

  • Sun Solaris 8.0


References

CERT - CA-2001-07

BID - 2550

XF - ftp-glob-expansion(6332)

NAI - 20010409 Globbing Vulnerabilities in Multiple FTP Daemons


Last Updated: 27 May 2016 10:36:12