----‑--‑-- · --:--:-- UTCLIVE

Powered by data from 22+ sources — NVD, cve.org, EPSS, CISA KEV, OSV, GHSA, MITRE ATT&CK, and more.

CVE-2001-0249

Critical

Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the…

mitre·CWE-131·Published 2001-05-24

CVSS

9.8

EPSS

0.20

KEV

No

Exploits

0

Vendor statements (1)

nai.com

cve.orgen

194 chars

Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the LIST command, which uses glob to generate long strings.

NVDen

194 chars

Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the LIST command, which uses glob to generate long strings.

CVSS metrics across sources

2

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	10.0	10.0	10.0	AV:N/AC:L/Au:N/C:C/I:C/A:C
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H