exploitDog

CVE-2001-0421

Опубликовано: 02 июл. 2001

Источник: nvd

CVSS2: 6.4

EPSS Низкий

Описание

FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permissions, by providing a valid username with an invalid password followed by a CWD ~ command, which could release sensitive information such as shadowed passwords, or fill the disk partition.

Ссылки

http://www.securityfocus.com/archive/1/177200
http://www.securityfocus.com/bid/2601
Exploit
Vendor Advisory
http://www.securityfocus.com/archive/1/177200
http://www.securityfocus.com/bid/2601
Exploit
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*

cpe:2.3:o:sun:sunos:*:*:*:*:*:*:*:*

Версия до 5.9 (включая)

EPSS

Процентиль: 85%

0.02445

Низкий

6.4 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-8fjp-x7fp-72f8

github

больше 3 лет назад

FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permissions, by providing a valid username with an invalid password followed by a CWD ~ command, which could release sensitive information such as shadowed passwords, or fill the disk partition.

EPSS

Процентиль: 85%

0.02445

Низкий

6.4 Medium

CVSS2

Дефекты

NVD-CWE-Other