Unrated severityNVD Advisory· Published Dec 23, 2004· Updated Apr 16, 2026

CVE-2001-1413

Description

Stack-based buffer overflow in the comprexx function for ncompress 4.2.4 and earlier, when used in situations that cross security boundaries (such as FTP server), may allow remote attackers to execute arbitrary code via a long filename argument.

Affected products

Ncompress/Ncompress
cpe:2.3:a:ncompress:ncompress:*:*:*:*:*:*:*:*
Range: <=4.2.4

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

security.gentoo.org/glsa/glsa-200410-08.xmlnvdPatchVendor Advisory
www.redhat.com/support/errata/RHSA-2004-536.htmlnvdPatchVendor Advisory
www.kb.cert.org/vuls/id/176363nvdThird Party AdvisoryUS Government Resource
seclists.org/lists/vuln-dev/2001/Nov/0202.htmlnvd
exchange.xforce.ibmcloud.com/vulnerabilities/10619nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.007
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000