CVE-2001-0421
Summary
FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permissions, by providing a valid username with an invalid password followed by a CWD ~ command, which could release sensitive information such as shadowed passwords, or fill the disk partition.
- LOW
- NETWORK
- NONE
- NONE
- PARTIAL
- PARTIAL
References
Advisory Timeline
- Published