icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Serv-U < 8.0.0.1 Multiple Vulnerabilities (DoS, Traversal)

High

Synopsis

The remote host is vulnerable to multiple attack vectors.

Description

The remote host is running Serv-U File Server, an FTP server for Windows.

This version of Serv-U is earlier than 8.0.0.1 and is reportedly affected by the following issues :

- A directory traversal vulnerability enables an authenticated remote attacker to create directories outside his or her home directory. (CVE-2009-1031)

- An authenticated remote attacker can cause the FTP service to become saturated for a long period of time using a long series of 'SMNT' commands without an argument. During this time, new connections would not be allowed. (CVE-2009-0967)

Solution

Upgrade to version 8.0.0.1 or higher.