Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2001-0421Solaris vulnerability

6 documents5 sources
Severity
6.4MEDIUMNVD
EPSS
2.4%
top 14.79%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
SUN SunosSUN Solaris
Timeline
PublishedJul 2
Latest updateApr 30

Description

FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permissions, by providing a valid username with an invalid password followed by a CWD ~ command, which could release sensitive information such as shadowed passwords, or fill the disk partition.

CVSS vector

AV:N/AC:L/C:P/I:N/A:PExploitability: 10.0 | Impact: 4.9

Affected Packages2 packages

NVDsun/solaris2.6
NVDsun/sunos5.9

🔴Vulnerability Details

2
GHSA
GHSA-8fjp-x7fp-72f8: FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permiss2022-04-30
CVEList
CVE-2001-0421: FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permiss2001-05-24

💥Exploits & PoCs

1
Exploit-DB
Solaris 2.6 - FTP Core Dump Shadow Password Recovery2001-04-17

🔍Detection Rules

2
Suricata
GPL FTP CWD ~ attempt2010-09-23
Suricata
GPL FTP CWD ~<CR><NEWLINE> attempt2010-09-23
CVE-2001-0421 — SUN Solaris vulnerability | cvebase