CVE-2001-0247 - Vulnerability Details

Vendors	Products
Freebsd	Freebsd
Mit	Kerberos 5
Netbsd	Netbsd
Openbsd	Openbsd
Sgi	Irix

Link	Providers
ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc
ftp://patches.sgi.com/support/free/security/advisories/20010802-01-P
http://archives.neohapsis.com/archives/freebsd/2001-04/0466.html
http://www.cert.org/advisories/CA-2001-07.html
http://www.nai.com/research/covert/advisories/048.asp
http://www.securityfocus.com/bid/2548
https://exchange.xforce.ibmcloud.com/vulnerabilities/6332

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2001-04-09T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-12-18T21:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "FreeBSD-SA-01:33", "tags": ["vendor-advisory", "x_refsource_FREEBSD"], "url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0466.html"}, {"name": "2548", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/2548"}, {"name": "20010409 Globbing Vulnerabilities in Multiple FTP Daemons", "tags": ["vendor-advisory", "x_refsource_NAI"], "url": "http://www.nai.com/research/covert/advisories/048.asp"}, {"name": "CA-2001-07", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.cert.org/advisories/CA-2001-07.html"}, {"name": "20010802-01-P", "tags": ["vendor-advisory", "x_refsource_SGI"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20010802-01-P"}, {"name": "NetBSD-SA2000-018", "tags": ["vendor-advisory", "x_refsource_NETBSD"], "url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc"}, {"name": "ftp-glob-expansion(6332)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6332"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0247", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "FreeBSD-SA-01:33", "refsource": "FREEBSD", "url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0466.html"}, {"name": "2548", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2548"}, {"name": "20010409 Globbing Vulnerabilities in Multiple FTP Daemons", "refsource": "NAI", "url": "http://www.nai.com/research/covert/advisories/048.asp"}, {"name": "CA-2001-07", "refsource": "CERT", "url": "http://www.cert.org/advisories/CA-2001-07.html"}, {"name": "20010802-01-P", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20010802-01-P"}, {"name": "NetBSD-SA2000-018", "refsource": "NETBSD", "url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc"}, {"name": "ftp-glob-expansion(6332)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6332"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T04:14:06.661Z"}, "title": "CVE Program Container", "references": [{"name": "FreeBSD-SA-01:33", "tags": ["vendor-advisory", "x_refsource_FREEBSD", "x_transferred"], "url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0466.html"}, {"name": "2548", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/2548"}, {"name": "20010409 Globbing Vulnerabilities in Multiple FTP Daemons", "tags": ["vendor-advisory", "x_refsource_NAI", "x_transferred"], "url": "http://www.nai.com/research/covert/advisories/048.asp"}, {"name": "CA-2001-07", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.cert.org/advisories/CA-2001-07.html"}, {"name": "20010802-01-P", "tags": ["vendor-advisory", "x_refsource_SGI", "x_transferred"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20010802-01-P"}, {"name": "NetBSD-SA2000-018", "tags": ["vendor-advisory", "x_refsource_NETBSD", "x_transferred"], "url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc"}, {"name": "ftp-glob-expansion(6332)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6332"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0247", "datePublished": "2001-05-24T04:00:00", "dateReserved": "2001-03-22T00:00:00", "dateUpdated": "2024-08-08T04:14:06.661Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2001-04-09T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2017-12-18T21:57:01 (string)

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

}

references : [ »

0 : { »

name : FreeBSD-SA-01:33 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FREEBSD (string)

]

url : http://archives.neohapsis.com/archives/freebsd/2001-04/0466.html (string)

}

1 : { »

name : 2548 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/2548 (string)

}

2 : { »

name : 20010409 Globbing Vulnerabilities in Multiple FTP Daemons (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_NAI (string)

]

url : http://www.nai.com/research/covert/advisories/048.asp (string)

}

3 : { »

name : CA-2001-07 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_CERT (string)

]

url : http://www.cert.org/advisories/CA-2001-07.html (string)

}

4 : { »

name : 20010802-01-P (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SGI (string)

]

url : ftp://patches.sgi.com/support/free/security/advisories/20010802-01-P (string)

}

5 : { »

name : NetBSD-SA2000-018 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_NETBSD (string)

]

url : ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc (string)

}

6 : { »

name : ftp-glob-expansion(6332) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/6332 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve@mitre.org (string)

ID : CVE-2001-0247 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : FreeBSD-SA-01:33 (string)

refsource : FREEBSD (string)

url : http://archives.neohapsis.com/archives/freebsd/2001-04/0466.html (string)

}

1 : { »

name : 2548 (string)

refsource : BID (string)

url : http://www.securityfocus.com/bid/2548 (string)

}

2 : { »

name : 20010409 Globbing Vulnerabilities in Multiple FTP Daemons (string)

refsource : NAI (string)

url : http://www.nai.com/research/covert/advisories/048.asp (string)

}

3 : { »

name : CA-2001-07 (string)

refsource : CERT (string)

url : http://www.cert.org/advisories/CA-2001-07.html (string)

}

4 : { »

name : 20010802-01-P (string)

refsource : SGI (string)

url : ftp://patches.sgi.com/support/free/security/advisories/20010802-01-P (string)

}

5 : { »

name : NetBSD-SA2000-018 (string)

refsource : NETBSD (string)

url : ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc (string)

}

6 : { »

name : ftp-glob-expansion(6332) (string)

refsource : XF (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/6332 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-08T04:14:06.661Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : FreeBSD-SA-01:33 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FREEBSD (string)

2 : x_transferred (string)

]

url : http://archives.neohapsis.com/archives/freebsd/2001-04/0466.html (string)

}

1 : { »

name : 2548 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/2548 (string)

}

2 : { »

name : 20010409 Globbing Vulnerabilities in Multiple FTP Daemons (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_NAI (string)

2 : x_transferred (string)

]

url : http://www.nai.com/research/covert/advisories/048.asp (string)

}

3 : { »

name : CA-2001-07 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_CERT (string)

2 : x_transferred (string)

]

url : http://www.cert.org/advisories/CA-2001-07.html (string)

}

4 : { »

name : 20010802-01-P (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SGI (string)

2 : x_transferred (string)

]

url : ftp://patches.sgi.com/support/free/security/advisories/20010802-01-P (string)

}

5 : { »

name : NetBSD-SA2000-018 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_NETBSD (string)

2 : x_transferred (string)

]

url : ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc (string)

}

6 : { »

name : ftp-glob-expansion(6332) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

2 : x_transferred (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/6332 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

assignerShortName : mitre (string)

cveId : CVE-2001-0247 (string)

datePublished : 2001-05-24T04:00:00 (string)

dateReserved : 2001-03-22T00:00:00 (string)

dateUpdated : 2024-08-08T04:14:06.661Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "E47F0770-67D7-42EE-A1AD-9D5B5E83BF2B", "vulnerable": true}, {"criteria": "cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "BE8C0C82-749E-4837-88F8-FB56A753B094", "vulnerable": true}, {"criteria": "cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "8AD672FA-918D-48CB-BC03-4E412AF0DCCC", "vulnerable": true}, {"criteria": "cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "D0B363A4-BB7A-48A2-AE6B-BD2DDD46E7CB", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "966C1A13-8007-408D-96BE-0DA3BB6CA401", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "36B60E50-4F5A-4404-BEA3-C94F7D27B156", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.2m:*:*:*:*:*:*:*", "matchCriteriaId": "772E3C7E-9947-414F-8642-18653BB048E0", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "E6B2E6D1-8C2D-4E15-A6BB-E4FE878ED1E7", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.3f:*:*:*:*:*:*:*", "matchCriteriaId": "8D51EC29-8836-4F87-ABF8-FF7530DECBB1", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.3m:*:*:*:*:*:*:*", "matchCriteriaId": "518B7253-7B0F-4A0A-ADA7-F3E3B5AAF877", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "440B7208-34DB-4898-8461-4E703F7EDFB7", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "5663579C-3AD2-4E5B-A595-C8DB984F9C26", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "D07AA144-6FD7-4C80-B4F2-D21C1AFC864A", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "29113D8E-9618-4A0E-9157-678332082858", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "313613E9-4837-433C-90EE-84A92E8D24E5", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.10:*:*:*:*:*:*:*", "matchCriteriaId": "60CC9410-F6B8-4748-B76F-30626279028E", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.11:*:*:*:*:*:*:*", "matchCriteriaId": "DCC67401-C85A-4E4E-AE61-85FEBBF4346B", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:freebsd:freebsd:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "183667CA-6DF1-4BFB-AE32-9ABF55B7283A", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "EBDDEC3F-52EB-4E1E-84C4-B472600059EC", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "B58E02AE-38B4-466E-BF73-2F0B80AF7BA5", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "3928D5CF-6FC0-434C-8A80-ABDBF346C2C9", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "314BA420-4C74-4060-8ACE-D7A7C041CF2B", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "2EAD7613-A5B3-4621-B981-290C7C6B8BA0", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "D1CA3337-9BEE-49C5-9EDE-8CDBE5580537", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE38C50A-81FE-412E-9717-3672FAE6A6F4", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "263F3734-7076-4EA8-B4C0-F37CFC4E979E", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "0419DD66-FF66-48BC-AD3B-F6AFD0551E36", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "C3518628-08E5-4AD7-AAF6-A4E38F1CDE2C", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B982342C-1981-4C55-8044-AFE4D87623DF", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:3.5:*:*:*:*:*:*:*", "matchCriteriaId": "47E02BE6-4800-4940-B269-385B66AC5077", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:3.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "7C283AD7-1C58-4CE8-A6CD-502FFE0B18BB", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0A585A1-FF82-418F-90F8-072458DB7816", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "AE31DFF8-06AB-489D-A0C5-509C090283B5", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3BE1E3D8-2BB1-4FFA-9BC9-7AF347D26190", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "DF49BF03-C25E-4737-84D5-892895C86C58", "vulnerable": true}, {"criteria": "cpe:2.3:o:netbsd:netbsd:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "FC7A39CD-C4B2-4FD9-A450-E5C7A5480174", "vulnerable": true}, {"criteria": "cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "7CBA1B13-B378-4F13-BD13-EC58F15F5C81", "vulnerable": true}, {"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "B8C8CAB1-2D8C-4875-A795-41178D48410F", "vulnerable": true}, {"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "2D3C937A-E9D8-474A-ABEB-A927EF7CC5B0", "vulnerable": true}, {"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "2A8F8DE7-7A84-4350-A6D8-FCCB561D63B2", "vulnerable": true}, {"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "C422E343-ADF2-427D-865D-B5C35431EFD1", "vulnerable": true}, {"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "1C288A88-11C6-429E-A109-0395D0989264", "vulnerable": true}, {"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "516C6D9A-7483-4E36-A2E0-42698161AD31", "vulnerable": true}, {"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "B1F89124-E194-4C7A-B06D-8535B4066AA3", "vulnerable": true}, {"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA", "vulnerable": true}, {"criteria": "cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "1D2DA7F0-E3C0-447A-A2B0-ECC928389D84", "vulnerable": true}, {"criteria": "cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "FEBE290B-5EC6-4BBA-B645-294C150E417A", "vulnerable": true}, {"criteria": "cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "ACE7FDFB-C6A6-4B58-B0B4-236E4EA76EF6", "vulnerable": true}, {"criteria": "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*", "matchCriteriaId": "0DF053A1-C252-427E-9EEF-27240F422976", "vulnerable": true}, {"criteria": "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*", "matchCriteriaId": "48A9C344-45AA-47B9-B35A-1A62E220D9C6", "vulnerable": true}, {"criteria": "cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*", "matchCriteriaId": "80EB24F0-46A7-481B-83ED-8BB012AE0C8E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3."}], "id": "CVE-2001-0247", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2001-06-18T04:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Patch"], "url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc"}, {"source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20010802-01-P"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0466.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "url": "http://www.cert.org/advisories/CA-2001-07.html"}, {"source": "cve@mitre.org", "url": "http://www.nai.com/research/covert/advisories/048.asp"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/2548"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6332"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20010802-01-P"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0466.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "url": "http://www.cert.org/advisories/CA-2001-07.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.nai.com/research/covert/advisories/048.asp"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/2548"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6332"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:* (string)

matchCriteriaId : E47F0770-67D7-42EE-A1AD-9D5B5E83BF2B (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:* (string)

matchCriteriaId : BE8C0C82-749E-4837-88F8-FB56A753B094 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 8AD672FA-918D-48CB-BC03-4E412AF0DCCC (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:* (string)

matchCriteriaId : D0B363A4-BB7A-48A2-AE6B-BD2DDD46E7CB (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:sgi:irix:6.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 966C1A13-8007-408D-96BE-0DA3BB6CA401 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:sgi:irix:6.5.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 36B60E50-4F5A-4404-BEA3-C94F7D27B156 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:sgi:irix:6.5.2m:*:*:*:*:*:*:* (string)

matchCriteriaId : 772E3C7E-9947-414F-8642-18653BB048E0 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:o:sgi:irix:6.5.3:*:*:*:*:*:*:* (string)

matchCriteriaId : E6B2E6D1-8C2D-4E15-A6BB-E4FE878ED1E7 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:o:sgi:irix:6.5.3f:*:*:*:*:*:*:* (string)

matchCriteriaId : 8D51EC29-8836-4F87-ABF8-FF7530DECBB1 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:o:sgi:irix:6.5.3m:*:*:*:*:*:*:* (string)

matchCriteriaId : 518B7253-7B0F-4A0A-ADA7-F3E3B5AAF877 (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:o:sgi:irix:6.5.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 440B7208-34DB-4898-8461-4E703F7EDFB7 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:o:sgi:irix:6.5.5:*:*:*:*:*:*:* (string)

matchCriteriaId : 5663579C-3AD2-4E5B-A595-C8DB984F9C26 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:o:sgi:irix:6.5.6:*:*:*:*:*:*:* (string)

matchCriteriaId : D07AA144-6FD7-4C80-B4F2-D21C1AFC864A (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:o:sgi:irix:6.5.7:*:*:*:*:*:*:* (string)

matchCriteriaId : 29113D8E-9618-4A0E-9157-678332082858 (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:o:sgi:irix:6.5.8:*:*:*:*:*:*:* (string)

matchCriteriaId : 313613E9-4837-433C-90EE-84A92E8D24E5 (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:o:sgi:irix:6.5.10:*:*:*:*:*:*:* (string)

matchCriteriaId : 60CC9410-F6B8-4748-B76F-30626279028E (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:o:sgi:irix:6.5.11:*:*:*:*:*:*:* (string)

matchCriteriaId : DCC67401-C85A-4E4E-AE61-85FEBBF4346B (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:freebsd:freebsd:2.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 183667CA-6DF1-4BFB-AE32-9ABF55B7283A (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:freebsd:freebsd:2.2.2:*:*:*:*:*:*:* (string)

matchCriteriaId : EBDDEC3F-52EB-4E1E-84C4-B472600059EC (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:freebsd:freebsd:2.2.3:*:*:*:*:*:*:* (string)

matchCriteriaId : B58E02AE-38B4-466E-BF73-2F0B80AF7BA5 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:freebsd:freebsd:2.2.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 3928D5CF-6FC0-434C-8A80-ABDBF346C2C9 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:freebsd:freebsd:2.2.5:*:*:*:*:*:*:* (string)

matchCriteriaId : 314BA420-4C74-4060-8ACE-D7A7C041CF2B (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:freebsd:freebsd:2.2.6:*:*:*:*:*:*:* (string)

matchCriteriaId : 2EAD7613-A5B3-4621-B981-290C7C6B8BA0 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:freebsd:freebsd:2.2.8:*:*:*:*:*:*:* (string)

matchCriteriaId : D1CA3337-9BEE-49C5-9EDE-8CDBE5580537 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:o:freebsd:freebsd:3.0:*:*:*:*:*:*:* (string)

matchCriteriaId : EE38C50A-81FE-412E-9717-3672FAE6A6F4 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:o:freebsd:freebsd:3.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 263F3734-7076-4EA8-B4C0-F37CFC4E979E (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:o:freebsd:freebsd:3.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 0419DD66-FF66-48BC-AD3B-F6AFD0551E36 (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:o:freebsd:freebsd:3.3:*:*:*:*:*:*:* (string)

matchCriteriaId : C3518628-08E5-4AD7-AAF6-A4E38F1CDE2C (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:o:freebsd:freebsd:3.4:*:*:*:*:*:*:* (string)

matchCriteriaId : B982342C-1981-4C55-8044-AFE4D87623DF (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:o:freebsd:freebsd:3.5:*:*:*:*:*:*:* (string)

matchCriteriaId : 47E02BE6-4800-4940-B269-385B66AC5077 (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:o:freebsd:freebsd:3.5.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 7C283AD7-1C58-4CE8-A6CD-502FFE0B18BB (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:* (string)

matchCriteriaId : D0A585A1-FF82-418F-90F8-072458DB7816 (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:* (string)

matchCriteriaId : AE31DFF8-06AB-489D-A0C5-509C090283B5 (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 3BE1E3D8-2BB1-4FFA-9BC9-7AF347D26190 (string)

vulnerable : true (boolean)

}

17 : { »

criteria : cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:* (string)

matchCriteriaId : DF49BF03-C25E-4737-84D5-892895C86C58 (string)

vulnerable : true (boolean)

}

18 : { »

criteria : cpe:2.3:o:netbsd:netbsd:1.2.1:*:*:*:*:*:*:* (string)

matchCriteriaId : FC7A39CD-C4B2-4FD9-A450-E5C7A5480174 (string)

vulnerable : true (boolean)

}

19 : { »

criteria : cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 7CBA1B13-B378-4F13-BD13-EC58F15F5C81 (string)

vulnerable : true (boolean)

}

20 : { »

criteria : cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:* (string)

matchCriteriaId : B8C8CAB1-2D8C-4875-A795-41178D48410F (string)

vulnerable : true (boolean)

}

21 : { »

criteria : cpe:2.3:o:netbsd:netbsd:1.3.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 2D3C937A-E9D8-474A-ABEB-A927EF7CC5B0 (string)

vulnerable : true (boolean)

}

22 : { »

criteria : cpe:2.3:o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 2A8F8DE7-7A84-4350-A6D8-FCCB561D63B2 (string)

vulnerable : true (boolean)

}

23 : { »

criteria : cpe:2.3:o:netbsd:netbsd:1.4:*:*:*:*:*:*:* (string)

matchCriteriaId : C422E343-ADF2-427D-865D-B5C35431EFD1 (string)

vulnerable : true (boolean)

}

24 : { »

criteria : cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 1C288A88-11C6-429E-A109-0395D0989264 (string)

vulnerable : true (boolean)

}

25 : { »

criteria : cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 516C6D9A-7483-4E36-A2E0-42698161AD31 (string)

vulnerable : true (boolean)

}

26 : { »

criteria : cpe:2.3:o:netbsd:netbsd:1.4.3:*:*:*:*:*:*:* (string)

matchCriteriaId : B1F89124-E194-4C7A-B06D-8535B4066AA3 (string)

vulnerable : true (boolean)

}

27 : { »

criteria : cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:* (string)

matchCriteriaId : E10D9BF9-FCC7-4680-AD3A-95757FC005EA (string)

vulnerable : true (boolean)

}

28 : { »

criteria : cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 1D2DA7F0-E3C0-447A-A2B0-ECC928389D84 (string)

vulnerable : true (boolean)

}

29 : { »

criteria : cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:* (string)

matchCriteriaId : FEBE290B-5EC6-4BBA-B645-294C150E417A (string)

vulnerable : true (boolean)

}

30 : { »

criteria : cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:* (string)

matchCriteriaId : ACE7FDFB-C6A6-4B58-B0B4-236E4EA76EF6 (string)

vulnerable : true (boolean)

}

31 : { »

criteria : cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:* (string)

matchCriteriaId : 0DF053A1-C252-427E-9EEF-27240F422976 (string)

vulnerable : true (boolean)

}

32 : { »

criteria : cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:* (string)

matchCriteriaId : 48A9C344-45AA-47B9-B35A-1A62E220D9C6 (string)

vulnerable : true (boolean)

}

33 : { »

criteria : cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:* (string)

matchCriteriaId : 80EB24F0-46A7-481B-83ED-8BB012AE0C8E (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3. (string)

}

]

id : CVE-2001-0247 (string)

lastModified : 2025-04-03T01:03:51.193 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : HIGH (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : COMPLETE (string)

baseScore : 10 (number)

confidentialityImpact : COMPLETE (string)

integrityImpact : COMPLETE (string)

vectorString : AV:N/AC:L/Au:N/C:C/I:C/A:C (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 10 (number)

obtainAllPrivilege : true (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

}

published : 2001-06-18T04:00:00.000 (string)

references : [ »

0 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Patch (string)

]

url : ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc (string)

}

1 : { »

source : cve@mitre.org (string)

url : ftp://patches.sgi.com/support/free/security/advisories/20010802-01-P (string)

}

2 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : http://archives.neohapsis.com/archives/freebsd/2001-04/0466.html (string)

}

3 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Patch (string)

1 : Third Party Advisory (string)

2 : US Government Resource (string)

]

url : http://www.cert.org/advisories/CA-2001-07.html (string)

}

4 : { »

source : cve@mitre.org (string)

url : http://www.nai.com/research/covert/advisories/048.asp (string)

}

5 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Exploit (string)

1 : Patch (string)

2 : Vendor Advisory (string)

]

url : http://www.securityfocus.com/bid/2548 (string)

}

6 : { »

source : cve@mitre.org (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/6332 (string)

}

7 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc (string)

}

8 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : ftp://patches.sgi.com/support/free/security/advisories/20010802-01-P (string)

}

9 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : http://archives.neohapsis.com/archives/freebsd/2001-04/0466.html (string)

}

10 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

1 : Third Party Advisory (string)

2 : US Government Resource (string)

]

url : http://www.cert.org/advisories/CA-2001-07.html (string)

}

11 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.nai.com/research/covert/advisories/048.asp (string)

}

12 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Exploit (string)

1 : Patch (string)

2 : Vendor Advisory (string)

]

url : http://www.securityfocus.com/bid/2548 (string)

}

13 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/6332 (string)

}

]

sourceIdentifier : cve@mitre.org (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : NVD-CWE-Other (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object