Serv-U < 126.96.36.199 Multiple Vulnerabilities (DoS, Traversal)
Medium Nessus Plugin ID 36035
SynopsisThe remote FTP server is affected by multiple vulnerabilities.
DescriptionThe installed version of Serv-U is earlier than 188.8.131.52 and thus is reportedly affected by the following issues :
- A directory traversal vulnerability enables an authenticated, remote attacker to create directories outside his or her home directory. (CVE-2009-1031)
- An authenticated, remote attacker can cause the FTP service to become saturated for a long period of time using a long series of 'SMNT' commands without an argument. During this time, new connections would not be allowed. (CVE-2009-0967)
SolutionUpgrade to Serv-U version 184.108.40.206 or later.