Vulnerability Details CVE-2001-0053
One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.156
EPSS Ranking 94.3%
CVSS Severity
CVSS v2 Score 10.0
References
- ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc
- http://archives.neohapsis.com/archives/bugtraq/2000-12/0275.html
- http://www.openbsd.org/advisories/ftpd_replydirname.txt
- http://www.securityfocus.com/bid/2124
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5776
- ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc
- http://archives.neohapsis.com/archives/bugtraq/2000-12/0275.html
- http://www.openbsd.org/advisories/ftpd_replydirname.txt
- http://www.securityfocus.com/bid/2124
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5776
Products affected by CVE-2001-0053
-
cpe:2.3:a:david_madore:ftpd-bsd:0.2.3
-
cpe:2.3:o:netbsd:netbsd:1.4
-
cpe:2.3:o:netbsd:netbsd:1.4.1
-
cpe:2.3:o:netbsd:netbsd:1.4.2
-
cpe:2.3:o:netbsd:netbsd:1.5
-
cpe:2.3:o:openbsd:openbsd:2.4
-
cpe:2.3:o:openbsd:openbsd:2.5
-
cpe:2.3:o:openbsd:openbsd:2.6
-
cpe:2.3:o:openbsd:openbsd:2.7
-
cpe:2.3:o:openbsd:openbsd:2.8