Denial of Service Vulnerability in Serv-U FTP Server by SolarWinds
CVE-2005-3467

Currently unrated

Key Information:

Vendor: Solarwinds
Status: Serv-u File Server
Vendor: CVE Published:; 2 November 2005

Summary

The Serv-U FTP Server, prior to version 6.1.0.4, is susceptible to a denial of service vulnerability which allows malicious users to exploit the server via malformed packets. This could lead to unexpected server crashes, resulting in service downtime. Additionally, there are concerns regarding potential vulnerabilities that may be triggered by specific path components, such as the use of '~', and memory consumption issues within the server's daemon processes. However, the impact of these attack vectors remains unclear.

References

http://www.vupen.com/english/advisories/2005/2267

vdb-entryx_refsource_VUPEN

http://www.serv-u.com/releasenotes.asp

x_refsource_CONFIRM

http://secunia.com/advisories/17409

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Nov 2, 2005
Vulnerability Reserved
Nov 2, 2005