servUftpd.txt

servUftpd.txt: Posted Sep 13, 2004; Authored by Patrick Thomassen; Multiple methods exist that allow for a crash of the Serv-U FTP server versions 4.x through 5.x.; tags | advisory; SHA-256 | d941fdd90d43d505caf64fd5ccd29666e277692cc3b92dcb7f904ebe311179ac; Download | Favorite | View

servUftpd.txt



Serv-U FTP server is a secure, advanced FTP server for Windows. However, like most programs, it is not completely bugfree.



I (and maybe more people with me) found this bug some time ago. It can be triggered as *every* user that can log in, anonymous included, and exists in possibly every version. (At least 4.x and 5.x series).



The exploit might be a cliché but it might threaten (hosting and other) companies that use this FTP server.



Following commands will trigger the crash:



STOU COM1

STOU LPT1

STOU PRN

STOU AUX



However, "STOU NUL" does NOT work.



Greetings,

Patrick

Top Authors In Last 30 Days

Red Hat 242 files
Ubuntu 52 files
Debian 22 files
LiquidWorm 15 files
Apple 9 files
Gentoo 8 files
Google Security Research 3 files
Alter Prime 3 files
Pierre Kim 2 files
Jann Horn 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,166)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,960)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,344)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,989)
UNIX (9,475)
UnixWare (188)
Windows (6,784)
Other

servUftpd.txt

servUftpd.txt

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

servUftpd.txt

Share This

servUftpd.txt

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems