Vendor: Serv-U FTP Server
By: Guy Levin and bcoles
CVSS: 8.8 (HIGH)
Category: Privilege Escalation
CWE: 269
Product Name: Serv-U FTP Server
Affected Version From: Serv-U FTP Server < 15.1.7
Affected Version To: Serv-U FTP Server < 15.1.7
Patch Exists: YES
Related CVE: CVE-2019-12181
CPE: a:solarwinds:serv-u_ftp_server
Other Scripts: N/A
Platforms Tested: Linux
Year: 2019
Serv-U FTP Server prepareinstallation Privilege Escalation
This module attempts to gain root privileges on systems running Serv-U FTP Server versions prior to 15.1.7. The `Serv-U` executable is setuid `root` and, when invoked with the `-prepareinstallation` flag, passes `ARGV[0]` unvalidated into a call to `system()`, resulting in command execution with root privileges.
Mitigation:
Upgrade to Serv-U FTP Server version 15.1.7 or later.