CVE-2008-4501

Currently unrated

Key Information:

Vendor: Solarwinds
Status: Serv-u File Server
Vendor: CVE Published:; 9 October 2008

Summary

Directory traversal vulnerability in the FTP server in Serv-U 7.0.0.1 through 7.3, including 7.2.0.1, allows remote authenticated users to overwrite or create arbitrary files via a ..\ (dot dot backslash) in the RNTO command.

References

http://www.vupen.com/english/advisories/2008/2746

vdb-entryx_refsource_VUPEN

https://www.exploit-db.com/exploits/6661

exploitx_refsource_EXPLOIT-DB

http://secunia.com/advisories/32150

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Oct 9, 2008
Vulnerability Reserved
Oct 8, 2008