CVE-2001-0248

CRITICAL

Hp-ux - Buffer Overflow

Title source: rule

Description

Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which uses glob to generate long strings.

References (4)

[Broken Link] http://www.nai.com/research/covert/advisories/048.asp

[Broken Link, Exploit, Patch, Third Party Advisory, VDB Entry, Vendor Advisory] http://www.securityfocus.com/bid/2552

[Patch, Third Party Advisory, US Government Resource] http://www.cert.org/advisories/CA-2001-07.html

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/6332

Scores

CVSS v3 9.8

EPSS 0.0532

EPSS Percentile 90.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-131

Status published

Products (4)

hp/hp-ux 11.00

sgi/irix 6.5

sgi/irix 6.5.1

sgi/irix 6.5.2

Published Jun 18, 2001

Tracked Since Feb 18, 2026