RhinoSoft Serv-U FTP Server TEA Decoder Remote Stack Buffer Overflow Vulnerability Network Vulnerability

Summary

RhinoSoft Serv-U FTP Server is prone to a remote stack-based buffer- overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. Serv-U 9.0.0.5 is vulnerable other versions may also be affected.

Solution

Updates are available. Please see the references for details.

References

http://www.securityfocus.com/archive/1/507955
http://www.securityfocus.com/bid/37051
http://www.serv-u.com/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-4006
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

SolarFTP 'PASV' Command Remote Buffer Overflow Vulnerability
FreeBSD and OpenBSD 'ftpd' NULL Pointer Dereference Denial Of Service Vulnerability
FileCopa FTP Server Directory Traversal Vulnerability
Smallftpd FTP Server Multiple Requests Denial of Service Vulnerability
RhinoSoft Serv-U FTP Server TEA Decoder Remote Stack Buffer Overflow Vulnerability

Take action and discover your vulnerabilities