CVE-2009-1031

Currently unrated

Key Information:

Vendor: Solarwinds
Status: Serv-u File Server
Vendor: CVE Published:; 20 March 2009

Summary

Directory traversal vulnerability in the FTP server in Rhino Software Serv-U File Server 7.0.0.1 through 7.4.0.1 allows remote attackers to create arbitrary directories via a .. (backslash dot dot) in an MKD request.

References

https://www.exploit-db.com/exploits/8211

exploitx_refsource_EXPLOIT-DB

http://secunia.com/advisories/34329

third-party-advisoryx_refsource_SECUNIA

http://osvdb.org/52773

vdb-entryx_refsource_OSVDB

EPSS Score

64% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 20, 2009
Vulnerability Reserved
Mar 19, 2009