Nexpose Vulnerability Database
Serv-U CWD Buffer Overflow
Severity |
CVSS |
Published |
Added |
Modified |
|---|---|---|---|---|
| Critical (10) | 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Jul 1, 1997 | Nov 1, 2004 | Sep 2, 2010 |
Description:
Serv-U FTP versions prior to v2.5a contain an exploitable buffer overflow that is triggered when an attacker supplies an overly long CWD request.References:
- BID: http://www.securityfocus.com/bid/269
- CVE: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-0219
- XF: http://xforce.iss.net/xforce/xfdb/205
Solution:
Upgrade to Serv-U 2.5a
Download and apply the upgrade from: http://www.serv-u.com/download.htm
Information on these pages is summary information extracted from the Nexpose Vulnerabilty Assessment system. Full details are provided within the Nexpose product for licensed users.
