Serv-U < 18.104.22.168
High Nessus Plugin ID 42934
SynopsisThe remote FTP server is affected by multiple vulnerabilities.
DescriptionAccording to its banner, the installed version of Serv-U is earlier than 22.214.171.124, and therefore affected by the following issues :
- A boundary error in the web administration interface when parsing session cookies can result in a stack-based buffer overflow. (CVE-2009-4873)
- A boundary error in the TEA decoding algorithm can result in a stack-based buffer overflow when processing a long hexadecimal string. (CVE-2009-4006)
SolutionUpgrade to Serv-U version 126.96.36.199 or later.