Serv-U <

Medium Nessus Plugin ID 43369


The remote FTP server is affected by an information disclosure vulnerability.


The installed version of Serv-U is earlier than and as such is reportedly affected by an information disclosure vulnerability.

An authenticated user can exploit this to view directories above his or her root directory.


Upgrade to Serv-U version or later.

See Also

Plugin Details

Severity: Medium

ID: 43369

File Name: servu_9_2_0_1.nasl

Version: $Revision: 1.9 $

Type: remote

Family: FTP

Published: 2009/12/21

Modified: 2016/05/13

Dependencies: 48434

Risk Information

Risk Factor: Medium


Base Score: 4

Temporal Score: 3.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:serv-u:serv-u

Required KB Items: ftp/servu

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2009/12/17

Vulnerability Publication Date: 2009/12/17

Reference Information

CVE: CVE-2009-4815

BID: 37414

OSVDB: 61144

Secunia: 37847