Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2111

Overview

Vulnerability Score 8.5 8.5
CVE Id CVE-2004-2111
Last Modified 27 Apr 2010 03:27:09
Published 31 Dec 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2004-2111

Summary

Stack-based buffer overflow in the site chmod command in Serv-U FTP Server before 4.2 allows remote attackers to execute arbitrary code via a long filename.

Vulnerable Systems

Application

  • Serv-u 3.0.0.16

  • Serv-u 3.0.0.17

  • Serv-u 3.1.0.0

  • Serv-u 3.1.0.1

  • Serv-u 3.1.0.3

  • Serv-u 4.0.0.4

  • Serv-u 4.1.0.0

  • Serv-u 4.1.0.3


References

XF - servu-chmodcommand-execute-code(14931)

BID - 9675

BID - 9483

SECTRACK - 1008841

BUGTRAQ - 20040126 Serv-U ftp 4.2 site chmod long_file_name exploit

BUGTRAQ - 20040124 [SST]ServU MDTM command remote buffero verflow adv


Last Updated: 27 May 2016 10:39:21