Unrated severityNVD Advisory· Published Jul 20, 2001· Updated Apr 16, 2026

CVE-2001-1355

Description

Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and earlier, as implemented in DMail, SurgeFTP, and possibly other packages, could allow attackers to execute arbitrary code via long arguments to (1) the -del command or (2) the -lookup command.

Affected products

Netwin/Dmail9 versions
cpe:2.3:a:netwin:dmail:2.5d:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:netwin:dmail:2.5d:*:*:*:*:*:*:*
- cpe:2.3:a:netwin:dmail:2.7:*:*:*:*:*:*:*
- cpe:2.3:a:netwin:dmail:2.7q:*:*:*:*:*:*:*
- cpe:2.3:a:netwin:dmail:2.7r:*:*:*:*:*:*:*
- cpe:2.3:a:netwin:dmail:2.8e:*:*:*:*:*:*:*
- cpe:2.3:a:netwin:dmail:2.8f:*:*:*:*:*:*:*
- cpe:2.3:a:netwin:dmail:2.8g:*:*:*:*:*:*:*
- cpe:2.3:a:netwin:dmail:2.8h:*:*:*:*:*:*:*
- cpe:2.3:a:netwin:dmail:2.8i:*:*:*:*:*:*:*
Netwin/Surgeftp3 versions
cpe:2.3:a:netwin:surgeftp:1.0b:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:netwin:surgeftp:1.0b:*:*:*:*:*:*:*
- cpe:2.3:a:netwin:surgeftp:2.0a:*:*:*:*:*:*:*
- cpe:2.3:a:netwin:surgeftp:2.0b:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

online.securityfocus.com/archive/1/198293nvdVendor Advisory
www.securityfocus.com/bid/3077nvdVendor Advisory
exchange.xforce.ibmcloud.com/vulnerabilities/6865nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000