Serv-U FTP Server Jail Break Network Vulnerability

Summary

Serv-U FTP is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting this issue allows an attacker to read arbitrary files from locations outside of the application's current directory. This could help the attacker launch further attacks.

References

http://archives.neohapsis.com/archives/fulldisclosure/2011-11/0454.html
http://osvdb.org/77422
http://secunia.com/advisories/47021
http://www.exploit-db.com/exploits/18182
http://www.securityfocus.com/bid/50875
http://xforce.iss.net/xforce/xfdb/71583

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-4800

CVSS	Base Score: 9.0 AV:N/AC:L/Au:S/C:C/I:C/A:C

Related Vulnerabilities

SpoonFTP 'RETR' Command Remote Denial of Service Vulnerability
Multiple WarFTPd DoS
War FTP Daemon USER/PASS Overflow
GNU Bash Environment Variable Handling Shell Remote Command Execution Vulnerability (FTP Check)
Microsoft IIS FTPd NLST stack overflow

Take action and discover your vulnerabilities