CVE-2001-0421
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
02/07/2001
Last modified:
30/10/2018
Description
FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permissions, by providing a valid username with an invalid password followed by a CWD ~ command, which could release sensitive information such as shadowed passwords, or fill the disk partition.
Impact
Base Score 2.0
6.40
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:* | ||
cpe:2.3:o:sun:sunos:*:*:*:*:*:*:*:* | 5.9 (including) |
To consult the complete list of CPE names with products and versions, see this page