Arbitrary Command Execution via Buffer Overflow in HPUX 11 FTP Server

Arbitrary Command Execution via Buffer Overflow in HPUX 11 FTP Server

CVE-2001-0248 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which uses glob to generate long strings.

Learn more about our Cis Benchmark Audit For Server Software.