PT-2010-1681 · Rhinosoft · Serv-U Web Client

Published: 2010-05-26 · Updated: 2010-05-26 · CVE-2009-4873

CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Serv-U Web Client version 9.0.0.5

Description: The issue is a stack-based buffer overflow in the HTTP server of the Serv-U Web Client that can be triggered by remote attackers. Its effect ranges from a denial of service (the server crashes) to potential execution of arbitrary code. The attack vector is an overly long Session cookie.

Recommendations: For Serv-U Web Client version 9.0.0.5, update to a newer version that addresses this issue, since a long Session cookie is enough to trigger the buffer overflow. As a temporary workaround, restrict access to the HTTP server to minimize the risk of exploitation, and avoid excessively long Session cookies at the affected endpoint until the issue is resolved.
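As an added illustration of the temporary workaround above (example code, not part of the advisory or of Serv-U), the following pre-filter parses raw HTTP requests and flags any whose Session cookie exceeds a length limit, so such requests can be dropped at a proxy before they reach the vulnerable HTTP server. The 256-byte limit, the header layout and the sample requests are all assumptions constructed for the example.

```python
# Added example, not the advisory's or Serv-U's own code: flag HTTP requests
# carrying an oversized "Session" cookie before they reach the Serv-U Web
# Client HTTP server. The limit is an assumed threshold; tune it to the
# session token length your deployment actually issues.
from typing import Dict, List, Optional

MAX_SESSION_COOKIE_LEN = 256  # assumed threshold, not a value from the advisory


def parse_cookies(cookie_header: str) -> Dict[str, str]:
    """Split a Cookie header value into name -> value (first occurrence wins)."""
    cookies: Dict[str, str] = {}
    for part in cookie_header.split(";"):
        name, sep, value = part.strip().partition("=")
        if sep and name and name not in cookies:
            cookies[name] = value
    return cookies


def session_cookie_length(raw_request: str) -> Optional[int]:
    """Return the length of the Session cookie in a raw HTTP request, or None."""
    head, _, _ = raw_request.partition("\r\n\r\n")
    for line in head.split("\r\n")[1:]:  # skip the request line
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "cookie":
            cookies = parse_cookies(value.strip())
            if "Session" in cookies:
                return len(cookies["Session"])
    return None


def is_oversized(raw_request: str, limit: int = MAX_SESSION_COOKIE_LEN) -> bool:
    """True when the request carries a Session cookie longer than the limit."""
    length = session_cookie_length(raw_request)
    return length is not None and length > limit


def flag_requests(requests: List[str]) -> List[int]:
    """Indices of the requests a proxy should reject under the workaround."""
    return [i for i, r in enumerate(requests) if is_oversized(r)]


# Constructed sample requests (not captured traffic).
NORMAL = ("GET /Web%20Client/ HTTP/1.1\r\nHost: ftp.example\r\n"
          "Cookie: Session=abc123def456; Lang=en\r\n\r\n")
OVERSIZED = ("GET /Web%20Client/ HTTP/1.1\r\nHost: ftp.example\r\n"
             "Cookie: Session=" + "A" * 2048 + "\r\n\r\n")

if __name__ == "__main__":
    print(flag_requests([NORMAL, OVERSIZED]))  # expected: [1]
```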

Exploit · Fix · Buffer Overflow


Weakness Enumeration

Related Identifiers

CVE-2009-4873

Affected Products

Serv-U Web Client