Описание
Serv-U FTP server 4.x and 5.x allows remote attackers to cause a denial of service (application crash) via a STORE UNIQUE (STOU) command with an MS-DOS device name argument such as (1) COM1, (2) LPT1, (3) PRN, or (4) AUX.
Ссылки
- PatchVendor Advisory
- ExploitPatchVendor Advisory
- PatchVendor Advisory
- ExploitPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:solarwinds:serv-u_file_server:4.0.0.4:*:*:*:*:*:*:*
cpe:2.3:a:solarwinds:serv-u_file_server:4.1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:solarwinds:serv-u_file_server:4.1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:solarwinds:serv-u_file_server:5.0.0.0:*:*:*:*:*:*:*
cpe:2.3:a:solarwinds:serv-u_file_server:5.0.0.4:*:*:*:*:*:*:*
cpe:2.3:a:solarwinds:serv-u_file_server:5.0.0.9:*:*:*:*:*:*:*
cpe:2.3:a:solarwinds:serv-u_file_server:5.0.0.11:*:*:*:*:*:*:*
cpe:2.3:a:solarwinds:serv-u_file_server:5.1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:solarwinds:serv-u_file_server:5.2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:solarwinds:serv-u_file_server:5.2.0.1:*:*:*:*:*:*:*
EPSS
Процентиль: 91%
0.06509
Низкий
5 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
почти 4 года назад
Serv-U FTP server 4.x and 5.x allows remote attackers to cause a denial of service (application crash) via a STORE UNIQUE (STOU) command with an MS-DOS device name argument such as (1) COM1, (2) LPT1, (3) PRN, or (4) AUX.
EPSS
Процентиль: 91%
0.06509
Низкий
5 Medium
CVSS2
Дефекты
CWE-20