Serv-U 7.x < 7.3.0.1 Multiple Remote Vulnerabilities (DoS, Traversal)

This script is Copyright (C) 2008-2011 Tenable Network Security, Inc.


Synopsis :

The remote FTP server is affected by several vulnerabilities.

Description :

The installed version of Serv-U 7.x is earlier than 7.3.0.1 and thus
is reportedly affected by the following issues :

- An authenticated, remote attacker who has write access to a directory can cause the service to consume all CPU time on the remote host by specifying a Windows device name (e.g., 'CON:') as the argument to the STOU command.

- An authenticated, remote attacker can overwrite or create arbitrary files via a directory traversal attack in the RNTO command.

- An authenticated, remote attacker may be able to upload a file to the current Windows directory via rename by placing the destination in '\' (i.e., 'My Computer').

See also :

http://www.rhinosoft.com/KnowledgeBase/KBArticle.asp?RefNo=1769
http://www.serv-u.com/releasenotes/

Solution :

Upgrade to Serv-U version 7.3.0.1 or later.

Risk factor :

High / CVSS Base Score : 9.0
(CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)
CVSS Temporal Score : 8.5
(CVSS2#E:F/RL:U/RC:ND)
Public Exploit Available : true

Family: FTP

Nessus Plugin ID: 34398

Bugtraq ID: 31556, 31563

CVE ID: CVE-2008-4500, CVE-2008-4501