CVE-2001-1414

Solaris 2.5.1-8 - Unauthenticated Audit Log Bypass via Anonymous FTP

Title source: llm
STIX 2.1

Description

The Basic Security Module (BSM) for Solaris 2.5.1, 2.6, 7, and 8 does not log anonymous FTP access, which allows remote attackers to hide their activities, possibly when certain BSM audit files are not present under the FTP root.

References (3)

Core 3
Core References
Vendor Advisory vendor-advisory x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-26-40521-1
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/7396
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/11841

Scores

EPSS 0.0072
EPSS Percentile 72.6%

Details

Status published
Products (8)
sun/solaris 2.5.1
sun/solaris 2.6
sun/solaris 7.0
sun/solaris 8.0
sun/sunos
sun/sunos 5.5.1
sun/sunos 5.7
sun/sunos 5.8
Published Oct 09, 2001
Tracked Since Feb 18, 2026