icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Serv-U FTP Server Default Account

Synopsis

The remote host is configured with default or easily-guessed credentials.

Description

The remote host is running a version of the Serv-U FTP Server that has an hidden default administration account. This account is reported to be hard-coded but it can be used only from the loopback interface. It may permit a local attacker to log into the site maintenance interface.

Solution

No solution is known at this time.