ID

VAR-200810-0276


CVE

CVE-2008-4500


TITLE

Serv-U Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2008-006295

DESCRIPTION

Serv-U 7.0.0.1 through 7.3, including 7.2.0.1, allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted stou command, probably related to MS-DOS device names, as demonstrated using "con:1". Serv-U FTP server is prone to a denial of service vulnerability. An attacker can exploit this vulnerability to cause the server to crash, effectively denying service to legitimate users. Serv-U FTP server 7.2.0.1 is vulnerable; other versions may also be affected. ---------------------------------------------------------------------- Do you need accurate and reliable IDS / IPS / AV detection rules? Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/ ---------------------------------------------------------------------- TITLE: Serv-U File Renaming Directory Traversal and STOU Denial of Service SECUNIA ADVISORY ID: SA32150 VERIFY ADVISORY: http://secunia.com/advisories/32150/ CRITICAL: Moderately critical IMPACT: DoS, System access WHERE: >From remote SOFTWARE: Serv-U File Server 7.x http://secunia.com/advisories/product/19573/ DESCRIPTION: dmnt has discovered two vulnerabilities in Serv-U, which can be exploited by malicious users to cause a DoS (Denial of Service) or compromise a vulnerable system. 1) An error in the handling of the "STOU" FTP command can be exploited to exhaust available CPU resources via a specially crafted argument (e.g. "CON:1"). 2) An input validation error in the FTP service when renaming files can be exploited to overwrite or create arbitrary files with user-supplied content via directory traversal attacks. The vulnerabilities are confirmed in version 7.3.0.0. PROVIDED AND/OR DISCOVERED BY: dmnt ORIGINAL ADVISORY: http://milw0rm.com/exploits/6660 http://milw0rm.com/exploits/6661 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.98

sources: NVD: CVE-2008-4500 // JVNDB: JVNDB-2008-006295 // BID: 31556 // PACKETSTORM: 70630

AFFECTED PRODUCTS

vendor:solarwindsmodel:serv-u file serverscope:eqversion:7.3.0.0

Trust: 1.0

vendor:solarwindsmodel:serv-u file serverscope:eqversion:7.2.0.0

Trust: 1.0

vendor:solarwindsmodel:serv-u file serverscope:eqversion:7.1.0.0

Trust: 1.0

vendor:solarwindsmodel:serv-u file serverscope:eqversion:7.1.0.2

Trust: 1.0

vendor:solarwindsmodel:serv-u file serverscope:eqversion:7.0.0.3

Trust: 1.0

vendor:solarwindsmodel:serv-u file serverscope:eqversion:7.0.0.4

Trust: 1.0

vendor:solarwindsmodel:serv-u file serverscope:eqversion:7.1.0.1

Trust: 1.0

vendor:solarwindsmodel:serv-u file serverscope:eqversion:7.0.0.1

Trust: 1.0

vendor:solarwindsmodel:serv-u file serverscope:eqversion:7.0.0.2

Trust: 1.0

vendor:solarwindsmodel:serv-u file serverscope:eqversion:7.3.0.1

Trust: 1.0

vendor:solarwindsmodel:serv-u file serverscope:eqversion:7.2.0.1

Trust: 1.0

vendor:solarwindsmodel:serv-u file serverscope:eqversion:7.3.0.2

Trust: 1.0

vendor:rhinomodel:serv-u ftp serverscope:eqversion:7.0.0.1 to 7.2.0.1 including 7.3

Trust: 0.8

vendor:serv umodel:serv-uscope:eqversion:7.2.0.0

Trust: 0.6

vendor:serv umodel:serv-uscope:eqversion:7.1.0.0

Trust: 0.6

vendor:serv umodel:serv-uscope:eqversion:7.2.0.1

Trust: 0.6

vendor:serv umodel:serv-uscope:eqversion:7.0.0.2

Trust: 0.6

vendor:serv umodel:serv-uscope:eqversion:7.0.0.3

Trust: 0.6

vendor:serv umodel:serv-uscope:eqversion:7.0.0.4

Trust: 0.6

vendor:serv umodel:serv-uscope:eqversion:7.3.0.0

Trust: 0.6

vendor:serv umodel:serv-uscope:eqversion:7.3.0.1

Trust: 0.6

vendor:serv umodel:serv-uscope:eqversion:7.3.0.2

Trust: 0.6

vendor:serv umodel:serv-uscope:eqversion:7.0.0.1

Trust: 0.6

vendor:rhinomodel:software serv-uscope:eqversion:7.2.0.1

Trust: 0.3

sources: BID: 31556 // JVNDB: JVNDB-2008-006295 // CNNVD: CNNVD-200810-126 // NVD: CVE-2008-4500

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2008-4500
value: MEDIUM

Trust: 1.0

NVD: CVE-2008-4500
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200810-126
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2008-4500
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

sources: JVNDB: JVNDB-2008-006295 // CNNVD: CNNVD-200810-126 // NVD: CVE-2008-4500

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.8

sources: JVNDB: JVNDB-2008-006295 // NVD: CVE-2008-4500

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200810-126

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-200810-126

CONFIGURATIONS

sources: JVNDB: JVNDB-2008-006295

PATCH

title:Top Pageurl:http://www.serv-u.com/

Trust: 0.8

sources: JVNDB: JVNDB-2008-006295

EXTERNAL IDS

db:NVDid:CVE-2008-4500

Trust: 2.7

db:BIDid:31556

Trust: 1.9

db:SECUNIAid:32150

Trust: 1.8

db:EXPLOIT-DBid:6660

Trust: 1.7

db:VUPENid:ADV-2008-2746

Trust: 1.6

db:SREASONid:4377

Trust: 1.6

db:JVNDBid:JVNDB-2008-006295

Trust: 0.8

db:CNNVDid:CNNVD-200810-126

Trust: 0.6

db:EXPLOIT-DBid:6661

Trust: 0.1

db:PACKETSTORMid:70630

Trust: 0.1

sources: BID: 31556 // JVNDB: JVNDB-2008-006295 // PACKETSTORM: 70630 // CNNVD: CNNVD-200810-126 // NVD: CVE-2008-4500

REFERENCES

url:http://securityreason.com/securityalert/4377

Trust: 1.6

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/45652

Trust: 1.6

url:http://www.securityfocus.com/bid/31556

Trust: 1.6

url:http://www.vupen.com/english/advisories/2008/2746

Trust: 1.6

url:https://www.exploit-db.com/exploits/6660

Trust: 1.6

url:http://secunia.com/advisories/32150

Trust: 1.6

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4500

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-4500

Trust: 0.8

url:http://www.serv-u.com/

Trust: 0.3

url:http://milw0rm.com/exploits/6660

Trust: 0.1

url:http://secunia.com/binary_analysis/sample_analysis/

Trust: 0.1

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/advisories/32150/

Trust: 0.1

url:http://milw0rm.com/exploits/6661

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/advisories/product/19573/

Trust: 0.1

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

sources: BID: 31556 // JVNDB: JVNDB-2008-006295 // PACKETSTORM: 70630 // CNNVD: CNNVD-200810-126 // NVD: CVE-2008-4500

CREDITS

dmnt

Trust: 0.9

sources: BID: 31556 // CNNVD: CNNVD-200810-126

SOURCES

db:BIDid:31556
db:JVNDBid:JVNDB-2008-006295
db:PACKETSTORMid:70630
db:CNNVDid:CNNVD-200810-126
db:NVDid:CVE-2008-4500

LAST UPDATE DATE

2024-11-23T23:00:09.386000+00:00


SOURCES UPDATE DATE

db:BIDid:31556date:2015-05-07T17:22:00
db:JVNDBid:JVNDB-2008-006295date:2012-12-20T00:00:00
db:CNNVDid:CNNVD-200810-126date:2020-07-29T00:00:00
db:NVDid:CVE-2008-4500date:2024-11-21T00:51:49.830

SOURCES RELEASE DATE

db:BIDid:31556date:2008-10-03T00:00:00
db:JVNDBid:JVNDB-2008-006295date:2012-12-20T00:00:00
db:PACKETSTORMid:70630date:2008-10-06T22:35:25
db:CNNVDid:CNNVD-200810-126date:2008-10-09T00:00:00
db:NVDid:CVE-2008-4500date:2008-10-09T00:00:01.180