HP-UX Ftpd Glob() Expansion STAT Buffer Overflow Network Vulnerability

Summary

Buffer overflow in FTP server in HPUX 11 and previous allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which uses glob to generate long strings.

Solution

upgrade your FTP server Consider removing directories writable by 'anonymous'.

Severity

Classification

CVE CVE-2001-0248

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

FreshWebMaster Fresh FTP Filename Directory Traversal Vulnerability
PCMan's FTP Server Multiple Vulnerabilities
httpdx Multiple Commands Remote Buffer Overflow Vulnerabilities
Open-FTPD Multiple Buffer Overflow Vulnerabilities
Platinum FTP Server

HP-UX ftpd glob() Expansion STAT Buffer Overflow

Take action and discover your vulnerabilities