Denial of Service Vulnerability in Rhino Software Serv-U FTP Server
CVE-2009-3655

Currently unrated

Key Information:

Vendor: Solarwinds
Status: Serv-u File Server
Vendor: CVE Published:; 9 October 2009

Summary

The allowable command 'SITE SET TRANSFERPROGRESS ON' in Rhino Software's Serv-U FTP Server versions 7.0.0.1 through 8.2.0.3 is susceptible to exploitation by remote attackers. This vulnerability can be triggered through various unspecified vectors, resulting in a denial of service scenario that may lead to server crashes. Organizations using affected versions are advised to evaluate their server configurations and apply necessary patches to mitigate potential disruptions.

References

http://secunia.com/advisories/36873

third-party-advisoryx_refsource_SECUNIA

http://www.serv-u.com/releasenotes/

x_refsource_CONFIRM

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 9, 2009
Vulnerability Reserved
Oct 9, 2009