Serv-U < 18.104.22.168 Multiple Vulnerabilities (DoS, Traversal)
High Nessus Network Monitor Plugin ID 4979
SynopsisThe remote host is vulnerable to multiple attack vectors.
DescriptionThe remote host is running Serv-U File Server, an FTP server for Windows.
This version of Serv-U is earlier than 22.214.171.124 and is reportedly affected by the following issues :
- A directory traversal vulnerability enables an authenticated remote attacker to create directories outside his or her home directory. (CVE-2009-1031)
- An authenticated remote attacker can cause the FTP service to become saturated for a long period of time using a long series of 'SMNT' commands without an argument. During this time, new connections would not be allowed. (CVE-2009-0967)
SolutionUpgrade to version 126.96.36.199 or higher.