CVE-2001-0264 : Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows remote attackers to obtain NETBIOS credentials by requesting info

Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows remote attackers to obtain NETBIOS credentials by requesting information on a file that is in a network share, which causes the server to send the credentials to the host that owns the share, and allows the attacker to sniff the connection.

Published 2001-06-18 04:00:00

Updated 2008-09-05 20:23:41

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2001-0264

Probability of exploitation activity in the next 30 days: 0.45%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 72 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2001-0264

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

References for CVE-2001-0264

http://www.securityfocus.com/bid/2534

Exploit;Patch;Vendor Advisory
http://www.atstake.com/research/advisories/2001/a040301-1.txt

Patch;Vendor Advisory

CVEs referencing this url

Products affected by CVE-2001-0264

Gene6 » G6 Ftp Server » Version: 2.0
cpe:2.3:a:gene6:g6_ftp_server:2.0:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2001-0264

Exploit prediction scoring system (EPSS) score for CVE-2001-0264

CVSS scores for CVE-2001-0264

References for CVE-2001-0264

Products affected by CVE-2001-0264