Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4500

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2008-4500
Last Modified 07 Mar 2011 10:12:33
Published 08 Oct 2008 08:00:01
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2008-4500

Summary

Serv-U 7.0.0.1 through 7.3, including 7.2.0.1, allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted stou command, probably related to MS-DOS device names, as demonstrated using "con:1".

Vulnerable Systems

Application

  • Serv-u 7.0.0.1

  • Serv-u 7.0.0.2

  • Serv-u 7.0.0.3

  • Serv-u 7.0.0.4

  • Serv-u 7.1.0.0

  • Serv-u 7.1.0.1

  • Serv-u 7.1.0.2

  • Serv-u 7.2.0.0

  • Serv-u 7.2.0.1

  • Serv-u 7.3.0.0

  • Serv-u 7.3.0.1

  • Serv-u 7.3.0.2


References

XF - servu-stoucon1-dos(45652)

VUPEN - ADV-2008-2746

BID - 31556

MILW0RM - 6660

SREASON - 4377

SECUNIA - 32150


Last Updated: 27 May 2016 10:48:31