CyberSec.Space Logo
Back to CVE Browser

CVE-2001-0053

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0890%
EPSS Percentile10.22th
PublishedFeb 12, 2001
Last ModifiedApr 16, 2026

Vulnerability Description

One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges.

Affected Platforms (CPE)

πŸ“¦
David Madore

Ftpd Bsd

= 0.2.3
πŸ’»
Netbsd

Netbsd

= 1.4
πŸ’»
Netbsd

Netbsd

= 1.4.1
πŸ’»
Netbsd

Netbsd

= 1.4.2
πŸ’»
Netbsd

Netbsd

= 1.5
πŸ’»
Openbsd

Openbsd

= 2.4
πŸ’»
Openbsd

Openbsd

= 2.5
πŸ’»
Openbsd

Openbsd

= 2.6
πŸ’»
Openbsd

Openbsd

= 2.7
πŸ’»
Openbsd

Openbsd

= 2.8

References & Advisories

πŸ”— ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2000-12/0275.html
πŸ”— http://www.openbsd.org/advisories/ftpd_replydirname.txt
πŸ”— http://www.securityfocus.com/bid/2124
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/5776
πŸ”— ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2000-12/0275.html
πŸ”— http://www.openbsd.org/advisories/ftpd_replydirname.txt

Related Vulnerabilities

CVE-2003-04669.8

Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbit...

CVE-2026-53430

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...

CVE-2026-48854

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust...

CVE-2026-48853

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc all...