Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0667

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2001-0667
Last Modified 05 Sep 2008 04:24:38
Published 30 Oct 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-0667

Summary

Internet Explorer 6 and earlier, when used with the Telnet client in Services for Unix (SFU) 2.0, allows remote attackers to execute commands by spawning Telnet with a log file option on the command line and writing arbitrary code into an executable file which is later executed, aka a new variant of the Telnet Invocation vulnerability as described in CVE-2001-0150.

Vulnerable Systems

Application

  • Microsoft Ie 6


References

CERT-VN - VU#952611

MS - MS01-051

XF - ie-telnet-command-execution-variant(7260)

CIAC - M-024


Last Updated: 27 May 2016 10:36:21