CVE-2001-0247

  • Last update: Apr 13, 2023

Description

Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.

Software From Fixed in
freebsd / freebsd 2.2 2.2.x
freebsd / freebsd 2.2.2 2.2.2.x
freebsd / freebsd 2.2.3 2.2.3.x
freebsd / freebsd 2.2.4 2.2.4.x
freebsd / freebsd 2.2.5 2.2.5.x
freebsd / freebsd 2.2.6 2.2.6.x
freebsd / freebsd 2.2.8 2.2.8.x
freebsd / freebsd 3.0 3.0.x
freebsd / freebsd 3.1 3.1.x
freebsd / freebsd 3.2 3.2.x
freebsd / freebsd 3.3 3.3.x
freebsd / freebsd 3.4 3.4.x
freebsd / freebsd 3.5 3.5.x
freebsd / freebsd 3.5.1 3.5.1.x
freebsd / freebsd 4.0 4.0.x
freebsd / freebsd 4.1 4.1.x
freebsd / freebsd 4.1.1 4.1.1.x
freebsd / freebsd 4.2 4.2.x
openbsd / openbsd 2.3 2.3.x
openbsd / openbsd 2.4 2.4.x
openbsd / openbsd 2.5 2.5.x
openbsd / openbsd 2.6 2.6.x
openbsd / openbsd 2.7 2.7.x
openbsd / openbsd 2.8 2.8.x
sgi / irix 6.1 6.1.x
sgi / irix 6.5.1 6.5.1.x
sgi / irix 6.5.10 6.5.10.x
sgi / irix 6.5.11 6.5.11.x
sgi / irix 6.5.2m 6.5.2m.x
sgi / irix 6.5.3 6.5.3.x
sgi / irix 6.5.3f 6.5.3f.x
sgi / irix 6.5.3m 6.5.3m.x
sgi / irix 6.5.4 6.5.4.x
sgi / irix 6.5.5 6.5.5.x
sgi / irix 6.5.6 6.5.6.x
sgi / irix 6.5.7 6.5.7.x
sgi / irix 6.5.8 6.5.8.x
netbsd / netbsd 1.2.1 1.2.1.x
netbsd / netbsd 1.3 1.3.x
netbsd / netbsd 1.3.1 1.3.1.x
netbsd / netbsd 1.3.2 1.3.2.x
netbsd / netbsd 1.3.3 1.3.3.x
netbsd / netbsd 1.4 1.4.x
netbsd / netbsd 1.4.1 1.4.1.x
netbsd / netbsd 1.4.2 1.4.2.x
netbsd / netbsd 1.4.3 1.4.3.x
netbsd / netbsd 1.5 1.5.x
mit / kerberos_5 1.1.1 1.1.1.x
mit / kerberos_5 1.2 1.2.x
mit / kerberos_5 1.2.1 1.2.1.x
mit / kerberos_5 1.2.2 1.2.2.x

Details

    • Severity: High
  • CVE: CVE-2001-0247
  • Published: Jun 18, 2001
  • Updated: Apr 13, 2023
  • Exploit:

CVSS v2

  • Severity: High
  • Score: 10
  • AV:N/AC:L/Au:N/C:C/I:C/A:C