Summary
This host is running Serv-U FTP Server and is prone to multiple vulnerabilities.
Impact
Successful exploitation will let the attacker conduct directory traversal attack or can cause denial of service.
Impact Level: System/Application
Solution
Upgrade to Rhinosoft Serv-U FTP Server version 10 or later, For updates refer to http://www.serv-u.com
Insight
- Error when processing 'MKD' commands which can be exploited to create directories residing outside a given user's home directory via directory traversal attacks.
- Error when handing certain FTP commands, by sending a large number of 'SMNT' commands without an argument causes the application to stop responding.
Affected
Rhinosoft Serv-U FTP Server version 7.4.0.1 or prior.
References
Updated on 2017-03-28
Severity
Classification
-
CVE CVE-2009-0967, CVE-2009-1031 -
CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:N/I:C/A:N
Related Vulnerabilities