Published: 12/02/2001 Updated: 10/10/2017

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote malicious users to gain root privileges.

Vulnerable Product	Search on Vulmon	Subscribe to Product
david madore ftpd-bsd 0.2.3
openbsd openbsd 2.6
openbsd openbsd 2.7
netbsd netbsd 1.4.2
netbsd netbsd 1.5
openbsd openbsd 2.4
openbsd openbsd 2.5
netbsd netbsd 1.4
netbsd netbsd 1.4.1
openbsd openbsd 2.8

source: wwwsecurityfocuscom/bid/2124/info The ftp daemon derived from 4x BSD source contains a serious vulnerability that may compromise root access There exists a one byte overflow in the replydirname() function The overflow condition is due to an off-by-one bug that allows an attacker to write a null byte beyond the boundaries of a ...

/* h0h0h0 0-day k0d3z Exploit by Scrippie, help by dvorak and jimjones greets to sk8 Not fully developt exploit but it works most of the time ;) Things to add: - automatic writeable directory finding - syn-scan option to do mass-scanning - worm capabilities? (should be done seperatly using the -C option 11/13 ...

NVD-CWE-Other http://www.securityfocus.com/bid/2124 http://archives.neohapsis.com/archives/bugtraq/2000-12/0275.html http://www.openbsd.org/advisories/ftpd_replydirname.txt ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc https://exchange.xforce.ibmcloud.com/vulnerabilities/5776 https://nvd.nist.gov https://www.exploit-db.com/exploits/20512/

CVE-2001-0053

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect