CVE-2001-0249

Name of the Vulnerable Software and Affected Versions Solaris 8

Description The issue is related to a heap overflow in the FTP daemon, which allows remote attackers to execute arbitrary commands. This is achieved by creating a long pathname and calling the LIST command, which utilizes glob to generate long strings.

Recommendations For Solaris 8, consider disabling the FTP daemon until a patch is available to prevent exploitation. Restrict access to the LIST command to minimize the risk of arbitrary command execution. Avoid using long pathnames in the FTP daemon to reduce the risk of heap overflow.