Serv-U Multiple Security Vulnerabilities Network Vulnerability

Summary

Serv-U is prone to multiple security vulnerabilities including security- bypass issues and a denial-of-service issue. Attackers can exploit this issue to bypass certain security restrictions or crash the affected application. Versions prior to Serv-U 9.4.0.0 are vulnerable.

Solution

The vendor has released an update. Please see the references for details.

References

http://www.securityfocus.com/bid/38923
http://www.serv-u.com/
http://www.serv-u.com/releasenotes/

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

WS FTP server FTP bounce attack and PASV connection hijacking flaw
Golden FTP PASS Command Buffer Overflow Vulnerability
FTPGetter FTP Client Directory Traversal Vulnerability
Quick 'n Easy FTP Login Denial of Service Vulnerability
GNU Bash Environment Variable Handling Shell Remote Command Execution Vulnerability (FTP Check)

Take action and discover your vulnerabilities