| VID |
16155 |
| Severity |
40 |
| Port |
21 |
| Protocol |
TCP |
| Class |
FTP |
| Detailed Description |
According to its banner, the installed version of Serv-U is a version prior to 15.2.3 Hotfix 2. It is, therefore, affected memory escape vulnerability. An unauthenticated remote attacker who successfully exploited this vulnerability could run arbitrary code with privileges, which could then install programs; view, change, or delete data; or run programs on the affected system.
* Note: This check solely relied on the version number of the remote FTP server to assess this vulnerability, so this might be a false positive.
* References:
http://www.serv-u.com/releasenotes/
* Platforms Affected:
Rhino Software, Inc., Serv-U FTP Server 15.2.3 prior
Microsoft Windows Any version |
| Recommendation |
Upgrade to latest version of Serv-U (15.2.3 or later), available from Serv-U Web site at http://www.serv-u.com/ |
| Related URL |
CVE-2021-35211 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
