Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0421

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2001-0421
Last Modified 05 Sep 2008 04:24:04
Published 02 Jul 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-0421

Summary

FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permissions, by providing a valid username with an invalid password followed by a CWD ~ command, which could release sensitive information such as shadowed passwords, or fill the disk partition.

Vulnerable Systems

Operating System

  • Sun Solaris 2.6

  • Sun Solaris 8.0


References

BID - 2601

BUGTRAQ - 20010417 Re: SUN SOLARIS 5.6/5.7 FTP Globbing Exploit !


Last Updated: 27 May 2016 10:36:15