Lucene search

MitreCVE-2001-0421

HistoryJul 02, 2001 - 4:00 a.m.

CVE-2001-0421

2001-07-0204:00:00

mitre

web.nvd.nist.gov

solaris 8

ftp server

cve-2001-0421

vulnerability

information security

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

AI Score

6.5

Confidence

High

EPSS

0.032

Percentile

91.3%

JSON

FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permissions, by providing a valid username with an invalid password followed by a CWD ~ command, which could release sensitive information such as shadowed passwords, or fill the disk partition.

Affected configurations

Nvd

Node

sunsolarisMatch2.6

sunsunosRange≤5.9

VendorProductVersionCPE
sunsolaris2.6cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*
sunsunos*cpe:2.3:o:sun:sunos:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sun	solaris	2.6	cpe:2.3:o:sun:solaris:2.6:::::::*
sun	sunos	*	cpe:2.3:o:sun:sunos::::::::

References

www.securityfocus.com/archive/1/177200

www.securityfocus.com/bid/2601

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

AI Score

6.5

Confidence

High

EPSS

0.032

Percentile

91.3%

JSON

Related for CVE-2001-0421