Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1113

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2001-1113
Last Modified 05 Sep 2008 04:25:43
Published 13 Aug 2001 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-1113

Summary

Buffer overflow in TrollFTPD 1.26 and earlier allows local users to execute arbitrary code by creating a series of deeply nested directories with long names, then running the ls -R (recursive) command.

Vulnerable Systems

Application

  • Trolltech Trollftpd 1.17

  • Trolltech Trollftpd 1.18

  • Trolltech Trollftpd 1.19

  • Trolltech Trollftpd 1.20

  • Trolltech Trollftpd 1.21

  • Trolltech Trollftpd 1.22

  • Trolltech Trollftpd 1.23

  • Trolltech Trollftpd 1.24

  • Trolltech Trollftpd 1.25

  • Trolltech Trollftpd 1.26


References

XF - trollftpd-long-path-bo(6974)

BID - 3174

BUGTRAQ - 20010813 Local exploit for TrollFTPD-1.26

CONFIRM - ftp://ftp.trolltech.com/freebies/ftpd/troll-ftpd-1.27.tar.gz


Last Updated: 27 May 2016 10:36:32