Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2001-0053

5 documents4 sources
Severity
10.0CRITICAL
EPSS
15.6%
top 5.31%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
3
David Madore Ftpd-bsdNetbsd NetbsdOpenbsd Openbsd
Timeline
PublishedFeb 12
Latest updateMay 3

Description

One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

NVDopenbsd/openbsd5 versions+4

Also affects: Netbsd 1.4, 1.4.1, 1.4.2, 1.5

Patches

Patch: archives.neohapsis.comPatch: www.openbsd.orgPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-286p-cf2h-fc7g: One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges2022-05-03
CVEList
CVE-2001-0053: One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges2001-05-07

💥Exploits & PoCs

2
Exploit-DB
OpenBSD ftpd 2.6/2.7 - Remote Overflow2000-12-20
Exploit-DB
BSD ftpd 0.3.2 - Single Byte Buffer Overflow2000-12-18
CVE-2001-0053 (CRITICAL CVSS 10) | One-byte buffer overflow in replydi | cvebase.io