CVE-2001-0421

2001-07-02T04:00:00
ID CVE-2001-0421
Type cve
Reporter cve@mitre.org
Modified 2018-10-30T16:25:00

Description

FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permissions, by providing a valid username with an invalid password followed by a CWD ~ command, which could release sensitive information such as shadowed passwords, or fill the disk partition.