Lucene search

K
nvd[email protected]NVD:CVE-2001-1355
HistoryJul 20, 2001 - 4:00 a.m.

CVE-2001-1355

2001-07-2004:00:00
web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

High

0.015 Low

EPSS

Percentile

87.2%

Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and earlier, as implemented in DMail, SurgeFTP, and possibly other packages, could allow attackers to execute arbitrary code via long arguments to (1) the -del command or (2) the -lookup command.

Affected configurations

NVD
Node
netwindmailMatch2.5d
OR
netwindmailMatch2.7
OR
netwindmailMatch2.7q
OR
netwindmailMatch2.7r
OR
netwindmailMatch2.8e
OR
netwindmailMatch2.8f
OR
netwindmailMatch2.8g
OR
netwindmailMatch2.8h
OR
netwindmailMatch2.8i
OR
netwinsurgeftpMatch1.0b
OR
netwinsurgeftpMatch2.0a
OR
netwinsurgeftpMatch2.0b

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

High

0.015 Low

EPSS

Percentile

87.2%

Related for NVD:CVE-2001-1355