Published: 11/12/2000 Updated: 19/12/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Serv-U FTP Server allows remote malicious users to bypass its anti-hammering feature by first logging on as a valid user (possibly anonymous) and then attempting to guess the passwords of other users.

Affected Products

Vendor Product Versions
Cat SoftServ-u2.5x


source: wwwsecurityfocuscom/bid/1860/info FTP Serv-U is an internet FTP server from CatSoft FTP Serv-U contains an anti brute-force security feature which does not indicate whether an account is valid or not, after three unsuccessful login attempts a user is disconnected Reconnection is not permitted until after a specified amount of ...