FTP Server Core Dump Vulnerability in Solaris 8 and Earlier

FTP Server Core Dump Vulnerability in Solaris 8 and Earlier

CVE-2001-0421 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:P

FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permissions, by providing a valid username with an invalid password followed by a CWD ~ command, which could release sensitive information such as shadowed passwords, or fill the disk partition.

Learn more about our Cis Benchmark Audit For Oracle Solaris.