PT-2009-6199 · Solarwinds · Serv-U Ftp Server

Publicado

2009-11-20

Atualizado

2020-07-28

CVE-2009-4006

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Serv-U FTP server versions 7.0.0.1 through 9.0.0.5 Serv-U FTP server versions prior to 9.1.0.0

Description The issue is related to a stack-based buffer overflow in the TEA decoding algorithm, which can be exploited by remote attackers to execute arbitrary code. This is achieved by sending a long hexadecimal string.

Recommendations For Serv-U FTP server versions 7.0.0.1 through 9.0.0.5, update to version 9.1.0.0 or later. For Serv-U FTP server versions prior to 9.1.0.0, update to version 9.1.0.0 or later.

Exploit

Correção

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

CVE-2009-4006

Produtos afetados

Serv-U Ftp Server

PT-2009-6199 · Solarwinds · Serv-U Ftp Server

CVE-2009-4006

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 13