CVE-2001-1113: Buffer Overflow
Published Aug 13, 2001
·Updated
Buffer overflow in TrollFTPD 1.26 and earlier allows local users to execute arbitrary code by creating a series of deeply nested directories with long names, then running the ls -R (recursive) command.
Affected Software
10 affected components
Trolltech Trollftpd=1.24
Trolltech Trollftpd=1.22
Trolltech Trollftpd=1.19
Trolltech Trollftpd=1.21
Trolltech Trollftpd=1.23
Trolltech Trollftpd=1.25
Trolltech Trollftpd=1.18
Trolltech Trollftpd=1.20
Trolltech Trollftpd=1.17
Trolltech Trollftpd=1.26
Remediation
Patch Available
Patch Available
Event History
Aug 13, 2001
CVE Published
04:00 AM
Jun 25, 2002
CVE Published
via MITRE·08:00 AM
Data Sourced
via MITRE·08:00 AM
Description
Frequently Asked Questions
1
What is the severity of CVE-2001-1113?
CVE-2001-1113 has a high severity as it allows local users to execute arbitrary code through a buffer overflow.
2
How do I fix CVE-2001-1113?
To mitigate CVE-2001-1113, update to a version of TrollFTPD later than 1.26 which addresses this vulnerability.
3
Which versions of TrollFTPD are affected by CVE-2001-1113?
TrollFTPD versions 1.26 and earlier are affected by CVE-2001-1113.
4
What is the nature of the vulnerability in CVE-2001-1113?
CVE-2001-1113 is a buffer overflow vulnerability triggered by creating deeply nested directories with long names.
5
Who can exploit the vulnerability listed in CVE-2001-1113?
Local users with access to the system can exploit CVE-2001-1113 to execute arbitrary code.