Serv-U SITE CHMOD Command Multiple Vulnerabilities

High Nessus Plugin ID 12037


The remote FTP server is affected by a buffer overflow vulnerability.


The remote host is running Serv-U FTP Server.

A bug in the way the server handles arguments to SITE CHMOD requests could allow an attacker to trigger a buffer overflow or corrupt memory in the server, and so disable it remotely or potentially execute arbitrary code on the host.

Note that successful exploitation requires access to a writable directory and will result in code running with Administrator or SYSTEM privileges by default.


Upgrade to Serv-U FTP Server version 4.2 or later.

Plugin Details

Severity: High

ID: 12037

File Name: ftp_servu_overflow.nasl

Version: $Revision: 1.30 $

Type: remote

Family: FTP

Published: 2004/02/02

Modified: 2016/10/10

Dependencies: 10079, 10092, 17975

Risk Information

Risk Factor: High


Base Score: 8.5

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:U/RC:ND

Vulnerability Information

CPE: cpe:/a:serv-u:serv-u

Required KB Items: ftp/servu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2004/01/24

Vulnerability Publication Date: 2004/01/24

Exploitable With

Metasploit (Serv-U FTP Server Buffer Overflow)

Reference Information

CVE: CVE-2004-2111, CVE-2004-2533

BID: 9483, 9675

OSVDB: 3713, 51701