Denial of Service Vulnerability in Serv-U FTP Server by RhinoSoft
CVE-2002-2393

Currently unrated

Key Information:

Vendor: Solarwinds
Status: Serv-u File Server
Vendor: CVE Published:; 31 December 2002

Summary

The Serv-U FTP server versions 3.0, 3.1, and 4.0.0.4 exhibit a vulnerability that hampers the acceptance of new connections when validating user folder access rights. An attacker can exploit this flaw by sending a stream of MKD commands, ultimately leading to a denial of service condition where no new connections can be established. This vulnerability can severely affect the availability of services for users relying on the FTP server.

References

http://archives.neohapsis.com/archives/bugtraq/2002-11/01...

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/6112

vdb-entryx_refsource_BID

http://www.iss.net/security_center/static/10573.php

vdb-entryx_refsource_XF

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 31, 2002