{"cve": [{"lastseen": "2021-02-02T05:19:04", "description": "Maximum Rumpus FTP Server 2.0.3 dev and before allows an attacker to cause a denial of service (crash) via a mkdir command that specifies a large number of sub-folders.", "edition": 4, "cvss3": {}, "published": "2001-09-20T04:00:00", "title": "CVE-2001-0706", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2001-0706"], "modified": "2017-10-10T01:29:00", "cpe": ["cpe:/a:maxum_development_corporation:rumpus_ftp_server:1.3.5", "cpe:/a:maxum_development_corporation:rumpus_ftp_server:2.0.3dev", "cpe:/a:maxum_development_corporation:rumpus_ftp_server:1.3.2", "cpe:/a:maxum_development_corporation:rumpus_ftp_server:1.3.4"], "id": "CVE-2001-0706", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-0706", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:maxum_development_corporation:rumpus_ftp_server:1.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:maxum_development_corporation:rumpus_ftp_server:2.0.3dev:*:*:*:*:*:*:*", "cpe:2.3:a:maxum_development_corporation:rumpus_ftp_server:1.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:maxum_development_corporation:rumpus_ftp_server:1.3.2:*:*:*:*:*:*:*"]}], "exploitdb": [{"lastseen": "2016-02-02T15:17:22", "description": "Rumpus FTP Server 1.3.x/2.0.3 Stack Overflow DoS Vulnerability. CVE-2001-0706. Dos exploit for osx platform", "published": "2001-06-12T00:00:00", "type": "exploitdb", "title": "Rumpus FTP Server 1.3.x/2.0.3 - Stack Overflow DoS Vulnerability", "bulletinFamily": "exploit", "cvelist": ["CVE-2001-0706"], "modified": "2001-06-12T00:00:00", "id": "EDB-ID:20922", "href": "https://www.exploit-db.com/exploits/20922/", "sourceData": "source: http://www.securityfocus.com/bid/2864/info\r\n\r\nRumpus FTP Server is an implementation for MacOS which allows file-sharing across TCP/IP connections.\r\n\r\nRumpus FTP is prone to a denial of service. An ftp user can engage the attack by making a directory with an unusual number of sub-folders. This forces the software to quit, as it is unable to handle the creation of so many directories at one time. The FTP server must be rebooted to regain normal functionality.\r\n\r\nIt is required that a user be logged in to carry out this attack. It may be possible for remote users to exploit this vulnerability, but authentication is required and anonymous ftp access does not grant users the privileges neccesary to create directories. \r\n\r\nExecuting command 'mkdir A:A:A:A:A:A:A:A:A:A:A:A:A:A:A:A:A:A:A:A' will make Rumpus quit. ", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/20922/"}]}
