CVE-2001-0248
CRITICALHP-UX 11 - Remote Code Execution via FTP STAT Command Buffer Overflow
Title source: llmDescription
Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which uses glob to generate long strings.
References (4)
Core 4
Core References
Broken Link vendor-advisory
x_refsource_nai
http://www.nai.com/research/covert/advisories/048.asp
Broken Link, Exploit, Patch, Third Party Advisory, VDB Entry, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/2552
Patch, Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert
http://www.cert.org/advisories/CA-2001-07.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/6332
Scores
CVSS v3
9.8
EPSS
0.1117
EPSS Percentile
95.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-131
Status
published
Products (4)
hp/hp-ux
11.00
sgi/irix
6.5
sgi/irix
6.5.1
sgi/irix
6.5.2
Published
Jun 18, 2001
Tracked Since
Feb 18, 2026