Serv-U is prone to denial-of-service and security-bypass vulnerabilities. Exploiting these issues can allow attackers to create directories without having sufficient permissions, or crash the affected application, resulting in denial-of-service conditions. Versions prior to Serv-U 10.2.0.0 are vulnerable.
Updates are available. Please see the references for more information.
- ProFTPD Prior To 1.3.3g Use-After-Free Remote Code Execution Vulnerability
- BSD ftpd Single Byte Buffer Overflow
- GNU Bash Environment Variable Handling Shell Remote Command Execution Vulnerability (FTP Check)
- Smallftpd FTP Server Multiple Requests Denial of Service Vulnerability
- pyftpdlib FTP Server Multiple Vulnerabilities