Serv-U <

This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.

Synopsis :

The remote FTP server is affected by multiple vulnerabilities.

Description :

According to its banner, the installed version of Serv-U is earlier
than, and is, therefore, potentially affected by the following
issues :

- When importing users, restricted administrators could
create user accounts outside their home directory.

- When exporting users, restricted administrators could
see a user's full path for home directory, virtual paths,
and directory access rules.

- A restricted domain administrator could create a user
or group that was not locked in the user's home

- A denial of service issue when handling a large number
of concurrent HTTP requests.

See also :

Solution :

Upgrade to Serv-U version or later.

Risk factor :

Medium / CVSS Base Score : 6.5
CVSS Temporal Score : 5.4
Public Exploit Available : true

Family: FTP

Nessus Plugin ID: 45140 ()

Bugtraq ID: 38923


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now