6.7 Medium
AI Score
Confidence
Low
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
0.032 Low
EPSS
Percentile
91.2%
FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permissions, by providing a valid username with an invalid password followed by a CWD ~ command, which could release sensitive information such as shadowed passwords, or fill the disk partition.
CPE | Name | Operator | Version |
---|---|---|---|
sun:solaris | sun solaris | eq | 2.6 |
sun:sunos | sun sunos | le | 5.9 |