Serv-U FTP Server SITE CHMOD Command Stack Overflow Vulnerability Network Vulnerability

Summary

The remote host is running Serv-U FTP server. There is a bug in the way this server handles arguments to the SITE CHMOD requests which may allow an attacker to trigger a buffer overflow against this server, which may allow him to disable this server remotely or to execute arbitrary code on this host.

Solution

Upgrade to Serv-U FTP Server version 4.2 or later.

References

http://archives.neohapsis.com/archives/bugtraq/2004-01/0249.html
http://archives.neohapsis.com/archives/fulldisclosure/2004-02/0881.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2004-2111, CVE-2004-2533

CVSS	Base Score: 8.5 AV:N/AC:M/Au:S/C:C/I:C/A:C

Related Vulnerabilities

vxworks ftpd buffer overflow
WS FTP overflows
SamiFTP Server 'MKD' Command Buffer Overflow Vulnerability
FTPGetter 'PASV' Command Remote Stack Buffer Overflow Vulnerability
BisonFTP Multiple Commands Remote Buffer Overflow Vulnerabilities

Take action and discover your vulnerabilities