Serv-U < 126.96.36.199 Multiple Vulnerabilities (DoS, Traversal)
High Nessus Network Monitor Plugin ID 4979
SynopsisThe remote host is vulnerable to multiple attack vectors.
DescriptionThe remote host is running Serv-U File Server, an FTP server for Windows.
This version of Serv-U is earlier than 188.8.131.52 and is reportedly affected by the following issues :
- A directory traversal vulnerability enables an authenticated remote attacker to create directories outside his or her home directory. (CVE-2009-1031)
- An authenticated remote attacker can cause the FTP service to become saturated for a long period of time using a long series of 'SMNT' commands without an argument. During this time, new connections would not be allowed. (CVE-2009-0967)
SolutionUpgrade to version 184.108.40.206 or higher.