ID

VAR-201112-0269


CVE

CVE-2011-4800


TITLE

Serv-U FTP Server traversal vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2011-003369

DESCRIPTION

Directory traversal vulnerability in Serv-U FTP Server before 11.1.0.5 allows remote authenticated users to read and write arbitrary files, and list and create arbitrary directories, via a "..:/" (dot dot colon forward slash) in the (1) list, (2) put, or (3) get commands.

----------------------------------------------------------------------

TITLE:
Serv-U FTP Server Directory Traversal Vulnerability

SECUNIA ADVISORY ID:
SA47021

VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/47021/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=47021

RELEASE DATE:
2011-12-01

DISCUSS ADVISORY:
http://secunia.com/advisories/47021/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/47021/

ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=47021

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION:
Kingcope has discovered a vulnerability in Serv-U, which can be exploited by malicious users to disclose potentially sensitive information and manipulate certain data.

The vulnerability is caused by an input sanitisation error within the FTP server and can be exploited to e.g. download or delete files outside of the FTP root directory via directory traversal attacks.

The vulnerability is confirmed in versions 10.3.0.1 and 11.1.0.3 on Windows. Other versions may also be affected.

SOLUTION:
Restrict access to trusted users only.

PROVIDED AND/OR DISCOVERED BY:
Kingcope

ORIGINAL ADVISORY:
http://archives.neohapsis.com/archives/fulldisclosure/2011-11/0454.html

OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/

DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/

EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/

EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/

EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help private users keep their systems up to date against the latest vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

----------------------------------------------------------------------

Trust: 1.71

sources: NVD: CVE-2011-4800 // JVNDB: JVNDB-2011-003369 // PACKETSTORM: 107458

AFFECTED PRODUCTS

vendor     | model              | scope | version   | Trust
-----------|--------------------|-------|-----------|------
solarwinds | serv-u file server | eq    | 6.1.0.0   | 1.0
solarwinds | serv-u file server | eq    | 8.1.0.1   | 1.0
solarwinds | serv-u file server | eq    | 6.4.0.4   | 1.0
solarwinds | serv-u file server | eq    | 10.2.0.2  | 1.0
solarwinds | serv-u file server | eq    | 6.4.0.6   | 1.0
solarwinds | serv-u file server | eq    | 10.5.0.4  | 1.0
solarwinds | serv-u file server | eq    | 3.1.0.3   | 1.0
solarwinds | serv-u file server | eq    | 8.0.0.1   | 1.0
solarwinds | serv-u file server | eq    | 8.2.0.3   | 1.0
solarwinds | serv-u file server | eq    | 8.0.0.4   | 1.0
solarwinds | serv-u file server | eq    | 6.2.0.1   | 1.0
solarwinds | serv-u file server | eq    | 9.1.0.0   | 1.0
solarwinds | serv-u file server | eq    | 7.2.0.0   | 1.0
solarwinds | serv-u file server | eq    | 9.2.0.1   | 1.0
solarwinds | serv-u file server | eq    | 6.3.0.1   | 1.0
solarwinds | serv-u file server | eq    | 6.1.0.1   | 1.0
solarwinds | serv-u file server | eq    | 7.3.0.1   | 1.0
solarwinds | serv-u file server | eq    | 10.5.0.24 | 1.0
solarwinds | serv-u file server | eq    | 3.0.0.17  | 1.0
solarwinds | serv-u file server | eq    | 6.1.0.5   | 1.0
solarwinds | serv-u file server | eq    | 6.4.0.2   | 1.0
solarwinds | serv-u file server | eq    | 5.2.0.0   | 1.0
solarwinds | serv-u file server | eq    | 10.5.0.16 | 1.0
solarwinds | serv-u file server | eq    | 11.0.0.4  | 1.0
solarwinds | serv-u file server | eq    | 10.0.0.3  | 1.0
solarwinds | serv-u file server | eq    | 10.5.0.11 | 1.0
solarwinds | serv-u file server | eq    | 9.0.0.5   | 1.0
solarwinds | serv-u file server | eq    | 10.5.0.14 | 1.0
solarwinds | serv-u file server | eq    | 11.0.0.0  | 1.0
solarwinds | serv-u file server | eq    | 7.3.0.2   | 1.0
solarwinds | serv-u file server | eq    | 7.3.0.0   | 1.0
solarwinds | serv-u file server | eq    | 6.4.0.5   | 1.0
solarwinds | serv-u file server | eq    | 4.0.0.4   | 1.0
solarwinds | serv-u file server | eq    | 10.0.0.2  | 1.0
solarwinds | serv-u file server | eq    | 7.1.0.0   | 1.0
solarwinds | serv-u file server | eq    | 5.0.0.11  | 1.0
solarwinds | serv-u file server | eq    | 3.1.0.0   | 1.0
solarwinds | serv-u file server | eq    | 5.1.0.0   | 1.0
solarwinds | serv-u file server | eq    | 5.0.0.4   | 1.0
solarwinds | serv-u file server | eq    | 8.0.0.5   | 1.0
solarwinds | serv-u file server | eq    | 7.0.0.1   | 1.0
solarwinds | serv-u file server | eq    | 7.0.0.2   | 1.0
solarwinds | serv-u file server | eq    | 6.2.0.0   | 1.0
solarwinds | serv-u file server | eq    | 7.0.0.3   | 1.0
solarwinds | serv-u file server | eq    | 5.0.0.9   | 1.0
solarwinds | serv-u file server | eq    | 3.0.0.16  | 1.0
solarwinds | serv-u file server | eq    | 7.0.0.4   | 1.0
solarwinds | serv-u file server | eq    | 7.1.0.1   | 1.0
solarwinds | serv-u file server | eq    | 8.1.0.3   | 1.0
solarwinds | serv-u file server | eq    | 10.5.0.6  | 1.0
solarwinds | serv-u file server | eq    | 6.4.0.3   | 1.0
solarwinds | serv-u file server | eq    | 9.4.0.2   | 1.0
solarwinds | serv-u file server | eq    | 6.4.0.0   | 1.0
solarwinds | serv-u file server | eq    | 10.0.0.7  | 1.0
solarwinds | serv-u file server | eq    | 6.4.0.1   | 1.0
solarwinds | serv-u file server | eq    | 8.2.0.1   | 1.0
solarwinds | serv-u file server | eq    | 6.0.0.2   | 1.0
solarwinds | serv-u file server | eq    | 10.5.0.21 | 1.0
solarwinds | serv-u file server | eq    | 10.3.0.1  | 1.0
solarwinds | serv-u file server | eq    | 7.1.0.2   | 1.0
solarwinds | serv-u file server | eq    | 6.0.0.0   | 1.0
solarwinds | serv-u file server | eq    | 9.0.0.1   | 1.0
solarwinds | serv-u file server | eq    | 10.0.0.5  | 1.0
solarwinds | serv-u file server | eq    | 11.0.0.2  | 1.0
solarwinds | serv-u file server | eq    | 9.4.0.0   | 1.0
solarwinds | serv-u file server | eq    | 9.1.0.2   | 1.0
solarwinds | serv-u file server | eq    | 11.1.0.5  | 1.0
solarwinds | serv-u file server | eq    | 4.1.0.0   | 1.0
solarwinds | serv-u file server | eq    | 10.4.0.0  | 1.0
solarwinds | serv-u file server | eq    | 6.0.0.1   | 1.0
solarwinds | serv-u file server | eq    | 10.1.0.0  | 1.0
solarwinds | serv-u file server | eq    | 7.4.0.0   | 1.0
solarwinds | serv-u file server | eq    | 9.0.0.3   | 1.0
solarwinds | serv-u file server | lte   | 11.1.0.3  | 1.0
solarwinds | serv-u file server | eq    | 7.4.0.1   | 1.0
solarwinds | serv-u file server | eq    | 7.2.0.1   | 1.0
solarwinds | serv-u file server | eq    | 6.1.0.4   | 1.0
solarwinds | serv-u file server | eq    | 5.2.0.1   | 1.0
solarwinds | serv-u file server | eq    | 8.2.0.0   | 1.0
solarwinds | serv-u file server | eq    | 10.1.0.1  | 1.0
solarwinds | serv-u file server | eq    | 8.0.0.2   | 1.0
solarwinds | serv-u file server | eq    | 4.1.0.3   | 1.0
solarwinds | serv-u file server | eq    | 5.0.0.0   | 1.0
solarwinds | serv-u file server | eq    | 3.1.0.1   | 1.0
solarwinds | serv-u file server | eq    | 9.3.0.1   | 1.0
solarwinds | serv-u file server | eq    | 10.2.0.0  | 1.0
solarwinds | serv-u file server | eq    | 8.0.0.7   | 1.0
solarwinds | serv-u file server | eq    | 10.5.0.19 | 1.0
solarwinds | serv-u file server | eq    | 6.3.0.0   | 1.0
rhino      | serv-u ftp server  | lt    | 11.1.0.5  | 0.8
serv u     | serv-u             | eq    | 10.0.0.3  | 0.6
serv u     | serv-u             | eq    | 11.0.0.0  | 0.6
serv u     | serv-u             | eq    | 10.0.0.7  | 0.6
serv u     | serv-u             | eq    | 11.1.0.3  | 0.6
serv u     | serv-u             | eq    | 11.0.0.4  | 0.6
serv u     | serv-u             | eq    | 10.0.0.5  | 0.6
serv u     | serv-u             | eq    | 10.1.0.0  | 0.6
serv u     | serv-u             | eq    | 11.1.0.5  | 0.6
serv u     | serv-u             | eq    | 11.0.0.2  | 0.6
serv u     | serv-u             | eq    | 10.0.0.2  | 0.6

sources: JVNDB: JVNDB-2011-003369 // CNNVD: CNNVD-201112-212 // NVD: CVE-2011-4800

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2011-4800
value: HIGH

Trust: 1.0

NVD: CVE-2011-4800
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201112-212
value: CRITICAL

Trust: 0.6

nvd@nist.gov: CVE-2011-4800
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

sources: JVNDB: JVNDB-2011-003369 // CNNVD: CNNVD-201112-212 // NVD: CVE-2011-4800

PROBLEMTYPE DATA

problemtype: CWE-22

Trust: 1.8

sources: JVNDB: JVNDB-2011-003369 // NVD: CVE-2011-4800

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201112-212

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-201112-212

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-003369

PATCH

title: Serv-U Release Notes
url: http://www.serv-u.com/releasenotes/

Trust: 0.8

title: Serv-U-Linux-x86-Install
url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=42094

Trust: 0.6

title: ServUSetup
url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=42093

Trust: 0.6

title: Serv-U-Linux-x86_64-Install
url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=42095

Trust: 0.6

sources: JVNDB: JVNDB-2011-003369 // CNNVD: CNNVD-201112-212

EXTERNAL IDS

db: NVD  id: CVE-2011-4800

Trust: 2.4

db: SECUNIA  id: 47021

Trust: 1.7

db: EXPLOIT-DB  id: 18182

Trust: 1.6

db: JVNDB  id: JVNDB-2011-003369

Trust: 0.8

db: CNNVD  id: CNNVD-201112-212

Trust: 0.6

db: PACKETSTORM  id: 107458

Trust: 0.1

sources: JVNDB: JVNDB-2011-003369 // PACKETSTORM: 107458 // CNNVD: CNNVD-201112-212 // NVD: CVE-2011-4800

REFERENCES

url: http://archives.neohapsis.com/archives/fulldisclosure/2011-11/0454.html

Trust: 1.7

url: http://www.serv-u.com/releasenotes/

Trust: 1.6

url: http://secunia.com/advisories/47021

Trust: 1.6

url: http://www.exploit-db.com/exploits/18182

Trust: 1.6

url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4800

Trust: 0.8

url: http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4800

Trust: 0.8

url: http://secunia.com/advisories/47021/

Trust: 0.1

url: http://secunia.com/company/jobs/

Trust: 0.1

url: http://secunia.com/vulnerability_intelligence/

Trust: 0.1

url: https://ca.secunia.com/?page=viewadvisory&vuln_id=47021

Trust: 0.1

url: http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

Trust: 0.1

url: http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url: http://secunia.com/vulnerability_scanning/personal/

Trust: 0.1

url: http://secunia.com/advisories/47021/#comments

Trust: 0.1

url: http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url: http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

sources: JVNDB: JVNDB-2011-003369 // PACKETSTORM: 107458 // CNNVD: CNNVD-201112-212 // NVD: CVE-2011-4800

CREDITS

Secunia

Trust: 0.1

sources: PACKETSTORM: 107458

SOURCES

db: JVNDB  id: JVNDB-2011-003369
db: PACKETSTORM  id: 107458
db: CNNVD  id: CNNVD-201112-212
db: NVD  id: CVE-2011-4800

LAST UPDATE DATE

2024-11-23T22:08:53.474000+00:00


SOURCES UPDATE DATE

db: JVNDB  id: JVNDB-2011-003369  date: 2011-12-16T00:00:00
db: CNNVD  id: CNNVD-201112-212  date: 2020-07-29T00:00:00
db: NVD  id: CVE-2011-4800  date: 2024-11-21T01:33:00.813

SOURCES RELEASE DATE

db: JVNDB  id: JVNDB-2011-003369  date: 2011-12-16T00:00:00
db: PACKETSTORM  id: 107458  date: 2011-12-01T04:30:58
db: CNNVD  id: CNNVD-201112-212  date: 2011-12-14T00:00:00
db: NVD  id: CVE-2011-4800  date: 2011-12-14T00:55:02.217