Serv-U File Renaming Directory Traversal and 'STOU' DoS Vulnerabilities

Summary
The host is running Serv-U FTP Server, which is prone to Directory Traversal and Denial of Service Vulnerabilities. The flaws are due to, - error in handling 'STOU' FTP command. It can exhaust available CPU resources when exploited through a specially crafted argument vaule. - input validation error in the FTP service when renaming files which can be exploited to overwrite or rename files via directory traversal attacks.
Impact
Successful exploitation allows an attacker to write arbitrary files to locations outside of the application's current directory, and deny the service. Impact Level : Application
Solution
Upgrade to RhinoSoft Serv-U FTP Server 10 or later, For updates refer to http://www.serv-u.com/dn.asp
Affected
RhinoSoft Serv-U FTP Server 7.3.0.0 and prior
References