Serv-U FTP site chmod buffer overflow
Added: 07/17/2006
CVE: CVE-2004-2111
BID: 9675
OSVDB: 3713
Background
Serv-U is an FTP server for Windows platforms.
Problem
An attacker who has logged on to the Serv-U FTP server and has a writable directory could execute arbitrary commands by sending a site chmod command with an overly long file name. A buffer overflow occurs when Serv-U prepares an error response by copying the file name into a fixed length buffer.
Resolution
Upgrade to Serv-U FTP Server 4.2 or higher.
References
http://archives.neohapsis.com/archives/bugtraq/2004-01/0249.html
Limitations
Exploit works on Serv-U FTP Server 4.1.0.0. This exploit requires valid FTP login credentials, and the FTP account must have a writable home directory.
Platforms
Windows 2000
Windows XP
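The flaw class described under Problem, copying a client-supplied file name into a fixed-length error-response buffer, is avoided by checking the length before formatting and by using a bounded write. The following is an added example, not Serv-U's code and not part of the original advisory; the function name build_chmod_error, the RESP_MAX size and the reply text are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define RESP_MAX 256 /* assumed size; the advisory does not state the real one */

/* Unsafe pattern the advisory describes (shown only as a comment):
 *     char resp[RESP_MAX];
 *     sprintf(resp, "550 %s: No such file or directory.\r\n", name);
 * A name longer than the buffer is written past its end. */

/* Hypothetical hardened handler for "SITE CHMOD <mode> <name>".
 * Assumes the command keyword was already upper-cased by the caller.
 * Returns the reply length, or -1 when the line is malformed or the reply
 * would not fit; resp is then left empty so nothing truncated is sent. */
int build_chmod_error(const char *line, char *resp, size_t resp_len)
{
    static const char prefix[] = "SITE CHMOD ";
    if (resp_len > 0)
        resp[0] = '\0';
    if (strncmp(line, prefix, sizeof prefix - 1) != 0)
        return -1;
    const char *mode = line + sizeof prefix - 1;
    size_t mode_len = strspn(mode, "01234567");
    if (mode_len == 0 || mode_len > 4 || mode[mode_len] != ' ')
        return -1;
    const char *name = mode + mode_len + 1;
    size_t name_len = strcspn(name, "\r\n");
    /* Reject before formatting: the name alone must fit in the buffer. */
    if (name_len == 0 || name_len >= resp_len)
        return -1;
    /* Bounded format; the reply text is a constructed sample. */
    int n = snprintf(resp, resp_len, "550 %.*s: No such file or directory.\r\n",
                     (int)name_len, name);
    if (n < 0 || (size_t)n >= resp_len) {
        resp[0] = '\0'; /* prefix + name overflowed: discard truncated text */
        return -1;
    }
    return n;
}

int main(void)
{
    char resp[RESP_MAX];
    int n = build_chmod_error("SITE CHMOD 644 a.txt\r\n", resp, sizeof resp);
    printf("%d %s", n, n > 0 ? resp : "rejected\n");
    return 0;
}
```

A -1 return is also a useful logging point: a site chmod argument too long for the reply buffer is not something a normal FTP client sends.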