Serv-U 7.0.0.1 up to and including 7.3, including 7.2.0.1, allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted stou command, probably related to MS-DOS device names, as demonstrated using "con:1".
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
solarwinds serv-u file server 7.0.0.2 |
||
solarwinds serv-u file server 7.0.0.3 |
||
solarwinds serv-u file server 7.3.0.0 |
||
solarwinds serv-u file server 7.3.0.1 |
||
solarwinds serv-u file server 7.1.0.1 |
||
solarwinds serv-u file server 7.1.0.2 |
||
solarwinds serv-u file server 7.0.0.1 |
||
solarwinds serv-u file server 7.2.0.0 |
||
solarwinds serv-u file server 7.2.0.1 |
||
solarwinds serv-u file server 7.0.0.4 |
||
solarwinds serv-u file server 7.1.0.0 |
||
solarwinds serv-u file server 7.3.0.2 |