CVE-2001-0053

One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc
http://archives.neohapsis.com/archives/bugtraq/2000-12/0275.html	Patch
http://www.openbsd.org/advisories/ftpd_replydirname.txt	Patch Vendor Advisory
http://www.securityfocus.com/bid/2124	Exploit Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/5776
ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc
http://archives.neohapsis.com/archives/bugtraq/2000-12/0275.html	Patch
http://www.openbsd.org/advisories/ftpd_replydirname.txt	Patch Vendor Advisory
http://www.securityfocus.com/bid/2124	Exploit Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/5776

Configurations

Configuration 1 (hide)

cpe:2.3:a:david_madore:ftpd-bsd:0.2.3:*:*:*:*:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:o:netbsd:netbsd:1.4:::::::*
	cpe:2.3:o:netbsd:netbsd:1.4.1:::::::*
	cpe:2.3:o:netbsd:netbsd:1.4.2:::::::*
	cpe:2.3:o:netbsd:netbsd:1.5:::::::*
	cpe:2.3:o:openbsd:openbsd:2.4:::::::*
	cpe:2.3:o:openbsd:openbsd:2.5:::::::*
	cpe:2.3:o:openbsd:openbsd:2.6:::::::*
	cpe:2.3:o:openbsd:openbsd:2.7:::::::*
	cpe:2.3:o:openbsd:openbsd:2.8:::::::*

History

20 Nov 2024, 23:34

Type	Values Removed	Values Added
References	~~() ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc -~~	() ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc -
References	~~() http://archives.neohapsis.com/archives/bugtraq/2000-12/0275.html - Patch~~	() http://archives.neohapsis.com/archives/bugtraq/2000-12/0275.html - Patch
References	~~() http://www.openbsd.org/advisories/ftpd_replydirname.txt - Patch, Vendor Advisory~~	() http://www.openbsd.org/advisories/ftpd_replydirname.txt - Patch, Vendor Advisory
References	~~() http://www.securityfocus.com/bid/2124 - Exploit, Patch, Vendor Advisory~~	() http://www.securityfocus.com/bid/2124 - Exploit, Patch, Vendor Advisory
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/5776 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/5776 -

Information

Published : 2001-02-12 05:00

Updated : 2024-11-20 23:34

NVD link : CVE-2001-0053

Mitre link : CVE-2001-0053

CVE.ORG link : CVE-2001-0053

JSON object : View

Products Affected

netbsd

netbsd

david_madore

ftpd-bsd

openbsd

openbsd

CWE

NVD-CWE-Other

10.0 /10