Total vulnerabilities in the database
FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permissions, by providing a valid username with an invalid password followed by a CWD ~ command, which could release sensitive information such as shadowed passwords, or fill the disk partition.
| Software | From | Fixed in |
|---|---|---|
| sun / solaris | 2.6 | 2.6.x |
| sun / sunos | - | 5.9.x |