ID

VAR-200810-0277


CVE

CVE-2008-4501


TITLE

Serv-U of FTP Server traversal vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2008-006296

DESCRIPTION

Directory traversal vulnerability in the FTP server in Serv-U 7.0.0.1 through 7.3, including 7.2.0.1, allows remote authenticated users to overwrite or create arbitrary files via a ..\ (dot dot backslash) in the RNTO command. Serv-U is prone to a directory traversal vulnerability. ---------------------------------------------------------------------- Do you need accurate and reliable IDS / IPS / AV detection rules? Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/ ---------------------------------------------------------------------- TITLE: Serv-U File Renaming Directory Traversal and STOU Denial of Service SECUNIA ADVISORY ID: SA32150 VERIFY ADVISORY: http://secunia.com/advisories/32150/ CRITICAL: Moderately critical IMPACT: DoS, System access WHERE: >From remote SOFTWARE: Serv-U File Server 7.x http://secunia.com/advisories/product/19573/ DESCRIPTION: dmnt has discovered two vulnerabilities in Serv-U, which can be exploited by malicious users to cause a DoS (Denial of Service) or compromise a vulnerable system. 1) An error in the handling of the "STOU" FTP command can be exploited to exhaust available CPU resources via a specially crafted argument (e.g. "CON:1"). The vulnerabilities are confirmed in version 7.3.0.0. Other versions may also be affected. SOLUTION: Restrict access to the FTP service. PROVIDED AND/OR DISCOVERED BY: dmnt ORIGINAL ADVISORY: http://milw0rm.com/exploits/6660 http://milw0rm.com/exploits/6661 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.98

sources: NVD: CVE-2008-4501 // JVNDB: JVNDB-2008-006296 // BID: 84767 // PACKETSTORM: 70630

AFFECTED PRODUCTS

vendor:solarwindsmodel:serv-u file serverscope:eqversion:7.3.0.0

Trust: 1.0

vendor:solarwindsmodel:serv-u file serverscope:eqversion:7.2.0.0

Trust: 1.0

vendor:solarwindsmodel:serv-u file serverscope:eqversion:7.1.0.0

Trust: 1.0

vendor:solarwindsmodel:serv-u file serverscope:eqversion:7.1.0.2

Trust: 1.0

vendor:solarwindsmodel:serv-u file serverscope:eqversion:7.0.0.3

Trust: 1.0

vendor:solarwindsmodel:serv-u file serverscope:eqversion:7.0.0.4

Trust: 1.0

vendor:solarwindsmodel:serv-u file serverscope:eqversion:7.1.0.1

Trust: 1.0

vendor:solarwindsmodel:serv-u file serverscope:eqversion:7.0.0.1

Trust: 1.0

vendor:solarwindsmodel:serv-u file serverscope:eqversion:7.0.0.2

Trust: 1.0

vendor:solarwindsmodel:serv-u file serverscope:eqversion:7.3.0.1

Trust: 1.0

vendor:solarwindsmodel:serv-u file serverscope:eqversion:7.2.0.1

Trust: 1.0

vendor:solarwindsmodel:serv-u file serverscope:eqversion:7.3.0.2

Trust: 1.0

vendor:rhinomodel:serv-u ftp serverscope:eqversion:7.0.0.1 to 7.2.0.1 including 7.3

Trust: 0.8

vendor:serv umodel:serv-uscope:eqversion:7.2.0.0

Trust: 0.6

vendor:serv umodel:serv-uscope:eqversion:7.1.0.0

Trust: 0.6

vendor:serv umodel:serv-uscope:eqversion:7.2.0.1

Trust: 0.6

vendor:serv umodel:serv-uscope:eqversion:7.0.0.4

Trust: 0.6

vendor:serv umodel:serv-uscope:eqversion:7.0.0.3

Trust: 0.6

vendor:serv umodel:serv-uscope:eqversion:7.3.0.0

Trust: 0.6

vendor:serv umodel:serv-uscope:eqversion:7.3.0.1

Trust: 0.6

vendor:serv umodel:serv-uscope:eqversion:7.3.0.2

Trust: 0.6

vendor:serv umodel:serv-uscope:eqversion:7.1.0.2

Trust: 0.6

vendor:serv umodel:serv-uscope:eqversion:7.1.0.1

Trust: 0.6

sources: JVNDB: JVNDB-2008-006296 // CNNVD: CNNVD-200810-127 // NVD: CVE-2008-4501

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2008-4501
value: HIGH

Trust: 1.0

NVD: CVE-2008-4501
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200810-127
value: CRITICAL

Trust: 0.6

nvd@nist.gov: CVE-2008-4501
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

sources: JVNDB: JVNDB-2008-006296 // CNNVD: CNNVD-200810-127 // NVD: CVE-2008-4501

PROBLEMTYPE DATA

problemtype:CWE-22

Trust: 1.8

sources: JVNDB: JVNDB-2008-006296 // NVD: CVE-2008-4501

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200810-127

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-200810-127

CONFIGURATIONS

sources: JVNDB: JVNDB-2008-006296

PATCH

title:Top Pageurl:http://www.serv-u.com/

Trust: 0.8

sources: JVNDB: JVNDB-2008-006296

EXTERNAL IDS

db:NVDid:CVE-2008-4501

Trust: 2.7

db:EXPLOIT-DBid:6661

Trust: 2.0

db:SREASONid:4378

Trust: 1.9

db:SECUNIAid:32150

Trust: 1.8

db:VUPENid:ADV-2008-2746

Trust: 1.6

db:JVNDBid:JVNDB-2008-006296

Trust: 0.8

db:CNNVDid:CNNVD-200810-127

Trust: 0.6

db:BIDid:84767

Trust: 0.3

db:EXPLOIT-DBid:6660

Trust: 0.1

db:PACKETSTORMid:70630

Trust: 0.1

sources: BID: 84767 // JVNDB: JVNDB-2008-006296 // PACKETSTORM: 70630 // CNNVD: CNNVD-200810-127 // NVD: CVE-2008-4501

REFERENCES

url:http://securityreason.com/securityalert/4378

Trust: 1.9

url:https://www.exploit-db.com/exploits/6661

Trust: 1.6

url:http://www.vupen.com/english/advisories/2008/2746

Trust: 1.6

url:http://secunia.com/advisories/32150

Trust: 1.6

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4501

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-4501

Trust: 0.8

url:http://www.milw0rm.com/exploits/6661

Trust: 0.3

url:http://milw0rm.com/exploits/6660

Trust: 0.1

url:http://secunia.com/binary_analysis/sample_analysis/

Trust: 0.1

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/advisories/32150/

Trust: 0.1

url:http://milw0rm.com/exploits/6661

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/advisories/product/19573/

Trust: 0.1

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

sources: BID: 84767 // JVNDB: JVNDB-2008-006296 // PACKETSTORM: 70630 // CNNVD: CNNVD-200810-127 // NVD: CVE-2008-4501

CREDITS

Unknown

Trust: 0.3

sources: BID: 84767

SOURCES

db:BIDid:84767
db:JVNDBid:JVNDB-2008-006296
db:PACKETSTORMid:70630
db:CNNVDid:CNNVD-200810-127
db:NVDid:CVE-2008-4501

LAST UPDATE DATE

2024-11-23T23:00:09.355000+00:00


SOURCES UPDATE DATE

db:BIDid:84767date:2008-10-08T00:00:00
db:JVNDBid:JVNDB-2008-006296date:2012-12-20T00:00:00
db:CNNVDid:CNNVD-200810-127date:2020-07-29T00:00:00
db:NVDid:CVE-2008-4501date:2024-11-21T00:51:49.993

SOURCES RELEASE DATE

db:BIDid:84767date:2008-10-08T00:00:00
db:JVNDBid:JVNDB-2008-006296date:2012-12-20T00:00:00
db:PACKETSTORMid:70630date:2008-10-06T22:35:25
db:CNNVDid:CNNVD-200810-127date:2008-10-09T00:00:00
db:NVDid:CVE-2008-4501date:2008-10-09T00:00:01.213