header-logo
Suggest Exploit
vendor:
Serv-U FTP Server
by:
SecurityFocus
7.5
CVSS
HIGH
Buffer Overflow
120
CWE
Product Name: Serv-U FTP Server
Affected Version From: 2.5
Affected Version To: 2.5
Patch Exists: Yes
Related CWE: N/A
CPE: //a:serv-u
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

Serv-U FTP Server SITE PASS Command Overflow

If the Serv-U FTP server receives an overly long argument to the SITE PASS command, it will crash. To issue this command, an attacker must be already logged in as an authenticated user, including an 'anonymous' user.

Mitigation:

Upgrade to the latest version of Serv-U FTP server
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/859/info

If the Serv-U FTP server receives an overly long argument to the SITE PASS command, it will crash. To issue this command, an attacker must be already logged in as an authenticated user, including an 'anonymous' user.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/19664.zip

Navigation

Suggest Exploit

Services By CQR