Denial of Service Vulnerability in Serv-U FTP Server by Serv-U Technologies
CVE-2004-1675

Currently unrated

Key Information:

Vendor: Solarwinds
Status: Serv-u File Server
Vendor: CVE Published:; 11 September 2004

Summary

The Serv-U FTP server, specifically versions 4.x and 5.x, possesses a vulnerability that can be exploited by remote attackers to execute a denial of service. This is achieved through the issuance of a STORE UNIQUE (STOU) command containing an MS-DOS device name argument such as COM1, LPT1, PRN, or AUX, leading to an unexpected application crash.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/17329

vdb-entryx_refsource_XF

http://secunia.com/advisories/12507/

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/11155

vdb-entryx_refsource_BID

EPSS Score

10% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Feb 21, 2005
Vulnerability published
Sep 11, 2004