Vulnerability Database

290,301

Total vulnerabilities in the database

CVE-2001-1355

Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and earlier, as implemented in DMail, SurgeFTP, and possibly other packages, could allow attackers to execute arbitrary code via long arguments to (1) the -del command or (2) the -lookup command.

  • Published: Jul 20, 2001
  • Updated: Apr 13, 2023
  • CVE: CVE-2001-1355
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 10
  • AV:N/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Software From Fixed in
netwin / dmail 2.8e 2.8e.x
netwin / dmail 2.7q 2.7q.x
netwin / surgeftp 1.0b 1.0b.x
netwin / dmail 2.8g 2.8g.x
netwin / dmail 2.8f 2.8f.x
netwin / surgeftp 2.0a 2.0a.x
netwin / dmail 2.5d 2.5d.x
netwin / dmail 2.7 2.7.x
netwin / dmail 2.8i 2.8i.x
netwin / dmail 2.7r 2.7r.x
netwin / dmail 2.8h 2.8h.x
netwin / surgeftp 2.0b 2.0b.x