Описание
Serv-U FTP Server before 6.1.0.4 allows attackers to cause a denial of service (crash) via (1) malformed packets and possibly other unspecified issues with unknown impact and attack vectors including (2) use of "~" in a pathname, and (3) memory consumption of the daemon. NOTE: it is not clear whether items (2) and above are vulnerabilities.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 6.1.0.1 (включая)
Одно из
cpe:2.3:a:solarwinds:serv-u_file_server:*:*:*:*:*:*:*:*
cpe:2.3:a:solarwinds:serv-u_file_server:3.0.0.16:*:*:*:*:*:*:*
cpe:2.3:a:solarwinds:serv-u_file_server:3.0.0.17:*:*:*:*:*:*:*
cpe:2.3:a:solarwinds:serv-u_file_server:3.1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:solarwinds:serv-u_file_server:3.1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:solarwinds:serv-u_file_server:3.1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:solarwinds:serv-u_file_server:4.0.0.4:*:*:*:*:*:*:*
cpe:2.3:a:solarwinds:serv-u_file_server:4.1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:solarwinds:serv-u_file_server:4.1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:solarwinds:serv-u_file_server:5.0.0.0:*:*:*:*:*:*:*
cpe:2.3:a:solarwinds:serv-u_file_server:5.0.0.4:*:*:*:*:*:*:*
cpe:2.3:a:solarwinds:serv-u_file_server:5.0.0.9:*:*:*:*:*:*:*
cpe:2.3:a:solarwinds:serv-u_file_server:5.0.0.11:*:*:*:*:*:*:*
cpe:2.3:a:solarwinds:serv-u_file_server:5.1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:solarwinds:serv-u_file_server:5.2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:solarwinds:serv-u_file_server:5.2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:solarwinds:serv-u_file_server:6.0.0.0:*:*:*:*:*:*:*
cpe:2.3:a:solarwinds:serv-u_file_server:6.0.0.1:*:*:*:*:*:*:*
cpe:2.3:a:solarwinds:serv-u_file_server:6.0.0.2:*:*:*:*:*:*:*
cpe:2.3:a:solarwinds:serv-u_file_server:6.1.0.0:*:*:*:*:*:*:*
EPSS
Процентиль: 83%
0.02043
Низкий
5 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
почти 4 года назад
Serv-U FTP Server before 6.1.0.4 allows attackers to cause a denial of service (crash) via (1) malformed packets and possibly other unspecified issues with unknown impact and attack vectors including (2) use of "~" in a pathname, and (3) memory consumption of the daemon. NOTE: it is not clear whether items (2) and above are vulnerabilities.
EPSS
Процентиль: 83%
0.02043
Низкий
5 Medium
CVSS2
Дефекты
CWE-20