Serv-U FTP Server allows remote attackers to bypass its anti-hammering feature by first logging on as a valid user (possibly anonymous) and then attempting to guess the passwords of other users.
Max CVSS
7.5
EPSS Score
2.51%
Published
2000-12-11
Updated
2017-12-19
The default configuration of Serv-U 2.5d and earlier allows remote attackers to determine the real pathname of the server by requesting a URL for a directory or file that does not exist.
Max CVSS
5.0
EPSS Score
0.24%
Published
2000-02-29
Updated
2008-09-10
Buffer overflow in FTP Serv-U 2.5 allows remote authenticated users to cause a denial of service (crash) via a long (1) CWD or (2) LS (list) command.
Max CVSS
7.8
EPSS Score
10.95%
Published
1997-07-01
Updated
2018-05-03
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!