Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0318

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2001-0318
Last Modified 05 Sep 2008 04:23:49
Published 02 Jun 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-0318

Summary

Format string vulnerability in ProFTPD 1.2.0rc2 may allow attackers to execute arbitrary commands by shutting down the FTP server while using a malformed working directory (cwd).

Vulnerable Systems

Application

  • Proftpd Project Proftpd 1.2.0 Rc2


References

MANDRAKE - MDKSA-2001:021

DEBIAN - DSA-029

BUGTRAQ - 20010206 Response to ProFTPD issues

XF - proftpd-format-string(6433)

BUGTRAQ - 20010110 proftpd 1.2.0rc2 -- example of bad coding

CONECTIVA - CLA-2001:380


Last Updated: 27 May 2016 10:36:13