Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Serv-U < 8.0.0.1 Multiple Vulnerabilities (DoS, Traversal)

High

Synopsis

The remote host is vulnerable to multiple attack vectors.

Description

The remote host is running Serv-U File Server, an FTP server for Windows.

This version of Serv-U is earlier than 8.0.0.1 and is reportedly affected by the following issues :

- A directory traversal vulnerability enables an authenticated remote attacker to create directories outside his or her home directory. (CVE-2009-1031)

- An authenticated remote attacker can cause the FTP service to become saturated for a long period of time using a long series of 'SMNT' commands without an argument. During this time, new connections would not be allowed. (CVE-2009-0967)

Solution

Upgrade to version 8.0.0.1 or higher.