This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.
The remote SSH service is affected by an authentication bypass
According to its banner, the installed version of Serv-U is earlier
than 10.3.0.1 and is, therefore, potentially affected by the following
- If the SFTP server has been configured to only allow
public key authentication, it can be bypassed for
users accounts that have no password.
See also :
Upgrade to Serv-U version 10.3.0.1 or later.
Risk factor :
Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.6
Public Exploit Available : true