This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.
The remote FTP server is affected by multiple vulnerabilities.
According to its banner, the installed version of Serv-U is earlier
than 18.104.22.168, and is, therefore, potentially affected by the following
- When importing users, restricted administrators could
create user accounts outside their home directory.
- When exporting users, restricted administrators could
see a user's full path for home directory, virtual paths,
and directory access rules.
- A restricted domain administrator could create a user
or group that was not locked in the user's home
- A denial of service issue when handling a large number
of concurrent HTTP requests.
See also :
Upgrade to Serv-U version 22.214.171.124 or later.
Risk factor :
Medium / CVSS Base Score : 6.5
CVSS Temporal Score : 5.4
Public Exploit Available : true
Nessus Plugin ID: 45140 ()
Bugtraq ID: 38923