CVE-2001-0249
Published: 2001-06-18
Priority: P3 37 | critical | 9.8 (CVSS 3.1)
Vector: AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
EPSS: 19.75% (97.1th percentile)
Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the LIST command, which uses glob to generate long strings.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hp | hp-ux | — | — |
| oracle | solaris | — | — |
| sgi | irix | 6.5 – 6.5.20 | — |
CVSS provenance
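| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 10.0 | CRITICAL | AV:N/AC:L/Au:N/C:C/I:C/A:C |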
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
CAPEC
CAPEC-47: Buffer Overflow via Parameter Expansion [HIGH] (source: mitre_capec)
In this attack, the target software is given input that the adversary knows will be modified and expanded in size during processing. This attack relies on the target software failing to anticipate that the expanded data may exceed some internal limit, thereby creating a buffer overflow.
Execution Flow:
Step 1 [Explore]: [Identify target application] The adversary identifies a target application or program to perform the buffer overflow on. Adversaries often look for applications that accept user input and that perform manual memory management.
Step 2 [Experiment]: [Find injection vector] The adversary identifies an injection vector to deliver the excessive content to the targeted application's buffer.
Technique: In this attack, the normal
CWE
CWE-131: Incorrect Calculation of Buffer Size (source: mitre_cwe)
The product does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.
Modes of Introduction:
Phase: Implementation
Common Consequences:
Scope: Integrity, Availability, Confidentiality. Impact: DoS: Crash, Exit, or Restart, Execute Unauthorized Code or Commands, Read Memory, Modify Memory. If the incorrect calculation is used in the context of memory allocation, then the software may create a buffer that is smaller or larger than expected. If the allocated buffer is smaller than expected, this could lead to an out-of-bounds read or write (CWE-119), possibly causing a crash, allowing arbitrary code execution, or exposing sensitive data.
Detection Methods:
Automated Static Analysis: This
References
http://www.cert.org/advisories/CA-2001-07.html
http://www.nai.com/research/covert/advisories/048.asp
http://www.securityfocus.com/bid/2550
https://exchange.xforce.ibmcloud.com/vulnerabilities/6332
Published: 2001-06-18