This script is Copyright (C) 2010-2011 Tenable Network Security, Inc.
The remote FTP server is affected by multiple vulnerabilities.
The installed version of Serv-U is earlier than 18.104.22.168 and as such
is reportedly affected by following issues :
- Provided 'SITE SET' command is enabled, an authorized
user may be able to crash the remote FTP server by
sending a specially crafted 'SITE SET TRANSFERPROGRESS
- An unprivileged user may be able to view all drives and
virtual paths for drive '\'.
See also :
Upgrade to Serv-U version 22.214.171.124 or later.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.2
Public Exploit Available : false
Nessus Plugin ID: 41980 ()
Bugtraq ID: 36585