RhinoSoft Serv-U FTP Server TEA Decoder Remote Stack Buffer Overflow Vulnerability Network Vulnerability

Summary

RhinoSoft Serv-U FTP Server is prone to a remote stack-based buffer- overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. Serv-U 9.0.0.5 is vulnerable other versions may also be affected.

Solution

Updates are available. Please see the references for details.

References

http://www.securityfocus.com/archive/1/507955
http://www.securityfocus.com/bid/37051
http://www.serv-u.com/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-4006

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

FFFTP LIST Command Directory Traversal Vulnerability
Trellian FTP 'PASV' Response Buffer Overflow Vulnerability
Smallftpd FTP Server Multiple Requests Denial of Service Vulnerability
HP-UX ftpd glob() Expansion STAT Buffer Overflow
EFTP installation directory disclosure

Take action and discover your vulnerabilities