CVE-2008-4500

Name of the Vulnerable Software and Affected Versions: Serv-U versions 7.0.0.1 through 7.3

Description: The issue allows remote authenticated users to cause a denial of service, specifically CPU consumption, by sending a crafted stou command. This is likely related to the handling of MS-DOS device names. An example of such a crafted command includes using "con:1".

Recommendations: For Serv-U versions 7.0.0.1 through 7.3, consider restricting access to the stou command as a temporary workaround until a patch is available. Avoid using MS-DOS device names in commands to minimize the risk of exploitation.