CVE-2001-0053

Published: Feb 12, 2001Modified: Apr 16, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges.

Affected (10)

Products: David Madore: Ftpd Bsd · Netbsd: Netbsd · Openbsd: Openbsd

1 product

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
David Madore Ftpd Bsd	Version 0.2.3

Configuration B

9 vulnerable

Vulnerable Software	Affected Versions
Netbsd Netbsd	Version 1.4.1
Netbsd Netbsd	Version 1.4.2
Netbsd Netbsd	Version 1.4
Netbsd Netbsd	Version 1.5
Openbsd Openbsd	Version 2.4
Openbsd Openbsd	Version 2.5
Openbsd Openbsd	Version 2.6
Openbsd Openbsd	Version 2.7
Openbsd Openbsd	Version 2.8

References (10)

ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc (unsafe URL)

Source: cve@mitre.org

http://archives.neohapsis.com/archives/bugtraq/2000-12/0275.html

Source: cve@mitre.org

Patch

http://www.openbsd.org/advisories/ftpd_replydirname.txt

Source: cve@mitre.org

PatchVendor Advisory

http://www.securityfocus.com/bid/2124

Source: cve@mitre.org

ExploitPatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/5776

Source: cve@mitre.org

ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc (unsafe URL)

Source: af854a3a-2127-422b-91ae-364da2661108

http://archives.neohapsis.com/archives/bugtraq/2000-12/0275.html

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.openbsd.org/advisories/ftpd_replydirname.txt

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/2124

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/5776

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.