Vulnerability Database

296,733

Total vulnerabilities in the database

CVE-2001-0249

Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the LIST command, which uses glob to generate long strings.

Published: Jun 18, 2001
Updated: May 9, 2024
CVE: CVE-2001-0249
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-131

Affected Software
References

Software	From	Fixed in
hp / hp-ux	11.00	11.00.x
oracle / solaris	8	8.x
sgi / irix	6.5	6.5.20.x

http://www.cert.org/advisories/CA-2001-07.html
http://www.nai.com/research/covert/advisories/048.asp
http://www.securityfocus.com/bid/2550
https://exchange.xforce.ibmcloud.com/vulnerabilities/6332

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo