Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-2393

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2002-2393
Last Modified 28 Apr 2010 12:00:00
Published 31 Dec 2002 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-2393

Summary

Serv-U FTP server 3.0, 3.1 and 4.0.0.4 does not accept new connections while validating user folder access rights, which allows remote attackers to cause a denial of service (no new connections) via a series of MKD commands.

Vulnerable Systems

Application

  • Serv-u 3.1.0.0

  • Serv-u 4.0.0.4


References

BID - 6112

XF - servu-mkd-command-dos(10573)

BUGTRAQ - 20021106 RhinoSoft Serv-U FTP Anonymous Remote DoS Vulnerability


Last Updated: 27 May 2016 10:37:44