Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2001-0247Improper Restriction of Operations within the Bounds of a Memory Buffer in Freebsd

6 documents4 sources
Severity
10.0CRITICALNVD
EPSS
35.2%
top 2.96%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
5
FreebsdMIT Kerberos 5Netbsd+2 more
Timeline
PublishedJun 18
Latest updateMay 3

Description

Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages3 packages

NVDsgi/irix13 versions+12
NVDmit/kerberos_54 versions+3
NVDopenbsd/openbsd6 versions+5

Also affects: Netbsd 1.2.1, 1.3, 1.3.1, 1.3.2, 1.3.3, 1.4, 1.4.1, 1.4.2, 1.4.3, 1.5, Freebsd 2.2, 2.2.2, 2.2.3, 2.2.4, 2.2.5, 2.2.6, 2.2.8, 3.0, 3.1, 3.2, 3.3, 3.4, 3.5, 3.5.1, 4.0, 4.1, 4.1.1, 4.2

Patches

Patch: ftp.netbsd.orgPatch: archives.neohapsis.comPatch: www.cert.org

🔴Vulnerability Details

2
GHSA
GHSA-vqvf-p27x-f5rq: Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as2022-05-03
CVEList
CVE-2001-0247: Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as2001-05-24

💥Exploits & PoCs

3
Exploit-DB
FreeBSD 4.2-stable - FTPd 'glob()' Remote Buffer Overflow2001-04-16
Exploit-DB
OpenBSD 2.x < 2.8 FTPd - 'glob()' Remote Buffer Overflow2001-04-16
Exploit-DB
FreeBSD 2.2-4.2 / NetBSD 1.2-4.5 / OpenBSD 2.x - FTPd 'glob()' Remote Buffer Overflow2001-04-14
CVE-2001-0247 — Freebsd vulnerability | cvebase