RhinoSoft Serv-U Web Client HTTP Request Remote Buffer Overflow
High Nessus Network Monitor Plugin ID 5236
SynopsisThe remote host is running an FTP server that is vulnerable to a remote command execution attack.
DescriptionThe remote host appears to be running RhinoSoft Serv-U FTP server earlier than 220.127.116.11 with the web client enabled. Such versions are potentially affected by a remote buffer overflow vulnerability because the application fails to properly handle overly long session cookies.
SolutionUpgrade to Serv-U version 18.104.22.168 or later.