Denial of Service Vulnerability in Rhino Software Serv-U FTP Server
CVE-2009-3655

Currently unrated

Key Information:

Vendor

Solarwinds
Status
Serv-u File Server
Vendor
CVE Published:
9 October 2009

What is CVE-2009-3655?

The allowable command 'SITE SET TRANSFERPROGRESS ON' in Rhino Software's Serv-U FTP Server versions 7.0.0.1 through 8.2.0.3 is susceptible to exploitation by remote attackers. This vulnerability can be triggered through various unspecified vectors, resulting in a denial of service scenario that may lead to server crashes. Organizations using affected versions are advised to evaluate their server configurations and apply necessary patches to mitigate potential disruptions.

References

http://secunia.com/advisories/36873
third-party-advisoryx_refsource_SECUNIA
http://www.serv-u.com/releasenotes/
x_refsource_CONFIRM
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.