Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Serv-U < Multiple Remote Vulnerabilities



The remote FTP server is affected by several vulnerabilities.


The remote host is running Serv-U File Server, an FTP server for Windows.

The installed version of Serv-U is earlier than and thus is reportedly affected by the following issues : - An authenticated remote attacker can cause the service to consume all CPU time on the remote host by specifying a Windows port (eg, 'CON:') when using the STOU command provided he has write access to a directory. - An authenticated remote attacker can overwrite or create arbitrary files via a directory traversal attack in theRNTO command. - An authenticated remote attacker may be able to upload a file to the current Windows directory with rename by placing the destination in '\' (ie, 'My Computer').


Upgrade to version or higher.