Description
Buffer overflow in Serv-U FTP server before 5.0.0.6 allows remote attackers to cause a denial of service (crash) via a long -l parameter, which triggers an out-of-bounds read.
Affected products
- SolarWinds / Serv-U File Server5.0.0.4
- SolarWinds / Serv-U File Server3.0.0.16 – 3.0.0.16
- SolarWinds / Serv-U File Server3.0.0.17 – 3.0.0.17
- SolarWinds / Serv-U File Server3.1.0.0 – 3.1.0.0
- SolarWinds / Serv-U File Server3.1.0.1 – 3.1.0.1
- SolarWinds / Serv-U File Server3.1.0.3 – 3.1.0.3
- SolarWinds / Serv-U File Server4.0.0.4 – 4.0.0.4
- SolarWinds / Serv-U File Server4.1.0.0 – 4.1.0.0
- SolarWinds / Serv-U File Server4.1.0.3 – 4.1.0.3
- SolarWinds / Serv-U File Server5.0.0.0 – 5.0.0.0
References
- MAILING_LISThttp://marc.info/?l=bugtraq&m=108360377119290&w=2
- MISChttp://www.osvdb.org/5546
- MISChttp://www.securityfocus.com/bid/10181
- MISChttp://www.securiteam.com/windowsntfocus/5ZP0G2KCKA.html
- VENDOR_ADVISORYhttp://secunia.com/advisories/11430
- MAILING_LISThttp://marc.info/?l=ntbugtraq&m=108359620108234&w=2
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/15913
- MISChttp://securitytracker.com/id?1009869