Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2001-0247

Published: 18/06/2001 Updated: 21/01/2020
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Mit

Vulnerability Summary

Buffer overflows in BSD-based FTP servers allows remote malicious users to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

mit kerberos 5 1.2.1

mit kerberos 5 1.2.2

sgi irix 6.5.3

sgi irix 6.5.3f

sgi irix 6.5.1

sgi irix 6.5.10

sgi irix 6.5.5

sgi irix 6.5.6

mit kerberos 5 1.1.1

sgi irix 6.1

sgi irix 6.5.3m

sgi irix 6.5.4

mit kerberos 5 1.2

sgi irix 6.5.11

sgi irix 6.5.2m

sgi irix 6.5.7

sgi irix 6.5.8

freebsd freebsd 2.2

freebsd freebsd 3.1

freebsd freebsd 2.2.5

freebsd freebsd 2.2.6

freebsd freebsd 3.5

freebsd freebsd 3.5.1

netbsd netbsd 1.3.1

netbsd netbsd 1.3.2

openbsd openbsd 2.4

openbsd openbsd 2.5

freebsd freebsd 3.2

freebsd freebsd 4.1.1

freebsd freebsd 4.2

netbsd netbsd 1.4.1

netbsd netbsd 1.4.2

netbsd netbsd 1.4.3

openbsd openbsd 2.8

freebsd freebsd 2.2.2

freebsd freebsd 2.2.3

freebsd freebsd 2.2.4

freebsd freebsd 3.3

freebsd freebsd 3.4

netbsd netbsd 1.2.1

netbsd netbsd 1.3

netbsd netbsd 1.5

openbsd openbsd 2.3

freebsd freebsd 2.2.8

freebsd freebsd 3.0

freebsd freebsd 4.0

freebsd freebsd 4.1

netbsd netbsd 1.3.3

netbsd netbsd 1.4

openbsd openbsd 2.6

openbsd openbsd 2.7

Exploits

Exploit DB: OpenBSD 2.x < 2.8 FTPd - 'glob()' Remote Buffer Overflow
source: wwwsecurityfocuscom/bid/2548/info The BSD ftp daemon and derivatives (such as IRIX ftpd or the ftp daemon shipped with Kerberos 5) contain a number of buffer overflows that may lead to a compromise of root access to malicious users During parsing operations, the ftp daemon assumes that there can never be more than 512 byt ...
Exploit DB: FreeBSD 4.2-stable - FTPd 'glob()' Remote Buffer Overflow
source: wwwsecurityfocuscom/bid/2548/info The BSD ftp daemon and derivatives (such as IRIX ftpd or the ftp daemon shipped with Kerberos 5) contain a number of buffer overflows that may lead to a compromise of root access to malicious users During parsing operations, the ftp daemon assumes that there can never be more than 512 bytes ...
Exploit DB: FreeBSD 2.2-4.2 / NetBSD 1.2-4.5 / OpenBSD 2.x - FTPd 'glob()' Remote Buffer Overflow
source: wwwsecurityfocuscom/bid/2548/info The BSD ftp daemon and derivatives (such as IRIX ftpd or the ftp daemon shipped with Kerberos 5) contain a number of buffer overflows that may lead to a compromise of root access to malicious users During parsing operations, the ftp daemon assumes that there can never be more than 512 bytes of ...

References

NVD-CWE-Otherhttp://www.cert.org/advisories/CA-2001-07.htmlftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.aschttp://archives.neohapsis.com/archives/freebsd/2001-04/0466.htmlhttp://www.securityfocus.com/bid/2548http://www.nai.com/research/covert/advisories/048.aspftp://patches.sgi.com/support/free/security/advisories/20010802-01-Phttps://exchange.xforce.ibmcloud.com/vulnerabilities/6332https://nvd.nist.govhttps://www.exploit-db.com/exploits/20733/
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionSSRFbuffer overflowCVE-2023-28952CVE-2023-41822CVE-2024-27956CVE-2023-7028CVE-2024-34447CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook