Vulnerabilities > CVE-2001-1113 - Buffer Overflow vulnerability in TrollFTPD

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

trolltech

critical

NVD

Published: 2001-08-13

Updated: 2017-10-10

Summary

Buffer overflow in TrollFTPD 1.26 and earlier allows local users to execute arbitrary code by creating a series of deeply nested directories with long names, then running the ls -R (recursive) command.

Vulnerable Configurations

Part	Description	Count
Application	Trolltech Trolltech Trollftpd 1.17 Trolltech Trollftpd 1.18 Trolltech Trollftpd 1.19 Trolltech Trollftpd 1.20 Trolltech Trollftpd 1.21 Trolltech Trollftpd 1.22 Trolltech Trollftpd 1.23 Trolltech Trollftpd 1.24 Trolltech Trollftpd 1.25 Trolltech Trollftpd 1.26	10

References

ftp://ftp.trolltech.com/freebies/ftpd/troll-ftpd-1.27.tar.gz
http://www.securityfocus.com/archive/1/203874
http://www.securityfocus.com/bid/3174
https://exchange.xforce.ibmcloud.com/vulnerabilities/6974