CVE-2001-0421
published 2001-07-02CVE-2001-0421: FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permissions, by…
PriorityP425medium6.4CVSS 2.0
AVNACLAuNCPINAP
EXPLOIT
EPSS
6.21%
92.6th percentile
FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permissions, by providing a valid username with an invalid password followed by a CWD ~ command, which could release sensitive information such as shadowed passwords, or fill the disk partition.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sun | solaris | — | — |
| sun | sunos | <= 5.9 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Suricata
GPL FTP CWD ~ attempt
suricata·2010-09-23
CVE-2001-0421 GPL FTP CWD ~ attempt
GPL FTP CWD ~ attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"GPL FTP CWD ~ attempt"; flow:established,to_server; content:"CWD"; nocase; pcre:"/^CWD\s+~/smi"; reference:bugtraq,2601; reference:bugtraq,9215; reference:cve,2001-0421; classtype:denial-of-service; sid:2101672; rev:13; metadata:created_at 2010_09_23, cve CVE_2001_0421, signature_severity Unknown, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Suricata
GPL FTP CWD ~<CR><NEWLINE> attempt
suricata·2010-09-23
CVE-2001-0421 GPL FTP CWD ~<CR><NEWLINE> attempt
GPL FTP CWD ~ attempt
Rule: alert ftp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL FTP CWD ~ attempt"; flow:established,to_server; content:"CWD "; content:" ~|0D 0A|"; reference:bugtraq,2601; reference:cve,2001-0421; classtype:denial-of-service; sid:2101728; rev:10; metadata:created_at 2010_09_23, cve CVE_2001_0421, signature_severity Unknown, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
No writeups or analysis indexed.
2001-07-02
Published