
Serv-U FTPS Server Command Channel SSL Negotiation and FTP Server Directory Traversal Vulnerability

Last Update Date: 6 Dec 2011
Release Date: 2 Dec 2011

RISK: Medium Risk

TYPE: Servers - Internet App Servers


Two vulnerabilities have been identified in Serv-U, which can be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive information and manipulate certain data.

  1. The vulnerability is caused by the FTPS server leaving the command channel in an operational state even though the SSL negotiation on the command channel has failed. This can be exploited to e.g. perform Man-in-the-Middle (MitM) attacks. The vulnerability is reported in versions prior to 11.1.0.3.
  2. The vulnerability is caused by an input sanitisation error within the FTP server and can be exploited to e.g. download or delete files outside the FTP root directory via directory traversal attacks. The vulnerability is confirmed in versions 10.3.0.1 and 11.1.0.3 on Windows. Other versions may also be affected.
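
To make the first issue concrete, the following Python model (an added illustration, not Serv-U code) shows an FTP control channel that supports AUTH TLS. The FtpControlChannel class, the run_script driver, the credentials_sent_in_clear check and the session script are all constructed for this example, and the result of the TLS handshake is passed in as a flag so the logic runs offline. The vulnerable configuration keeps serving plaintext commands after the handshake fails, so the login that follows is processed in the clear; the fixed configuration closes the connection instead.

```python
"""Control-channel state after a failed AUTH TLS handshake: vulnerable vs. fixed.

Added illustration, not Serv-U code. FtpControlChannel and the session script
are constructed; the TLS handshake outcome is supplied as a flag.
"""


class FtpControlChannel:
    """Minimal model of an FTP control connection that supports AUTH TLS."""

    def __init__(self, close_on_tls_failure, require_tls=False):
        self.close_on_tls_failure = close_on_tls_failure  # fixed behaviour when True
        self.require_tls = require_tls                    # assumed policy: no login in the clear
        self.secured = False       # TLS established on the control channel
        self.closed = False
        self.tls_failed = False
        self.user = None
        # Commands the server processed in plaintext after a failed handshake.
        self.plaintext_after_failure = []

    def handle(self, line):
        """Process one command line; return the reply, or None once the channel is closed."""
        if self.closed:
            return None
        verb, _, arg = line.strip().partition(" ")
        verb = verb.upper()
        if self.tls_failed and not self.secured:
            # Only a vulnerable channel gets here: it is still live in plaintext.
            self.plaintext_after_failure.append(line.strip())
        if verb == "AUTH" and arg.upper() in ("TLS", "SSL"):
            # 234 tells the client to start the handshake; its outcome arrives via tls_handshake().
            return "234 AUTH command ok; starting TLS negotiation"
        if verb in ("USER", "PASS") and self.require_tls and not self.secured:
            return "530 Must issue AUTH TLS before logging in"
        if verb == "USER":
            self.user = arg
            return "331 Password required for %s" % arg
        if verb == "PASS":
            return "230 User %s logged in" % self.user
        if verb == "NOOP":
            return "200 NOOP ok"
        return "502 Command not implemented"

    def tls_handshake(self, ok):
        """Record the outcome of the handshake the client starts after the 234 reply."""
        if ok:
            self.secured = True
            return
        self.tls_failed = True
        if self.close_on_tls_failure:
            # Fixed: drop the connection; never fall back to a plaintext command channel.
            self.closed = True


def run_script(channel, script):
    """Drive a channel with ("cmd", line) and ("handshake", ok) steps; collect replies."""
    replies = []
    for kind, value in script:
        if kind == "handshake":
            channel.tls_handshake(value)
        else:
            replies.append(channel.handle(value))
    return replies


def credentials_sent_in_clear(channel):
    """True if a USER or PASS command was processed in plaintext after TLS failed."""
    return any(cmd.upper().startswith(("USER ", "PASS "))
               for cmd in channel.plaintext_after_failure)


# Constructed session: the client asks for TLS, the negotiation fails, and the
# peer carries on sending commands in plaintext.
FAILED_TLS_SESSION = [
    ("cmd", "AUTH TLS"),
    ("handshake", False),
    ("cmd", "USER alice"),
    ("cmd", "PASS s3cret"),
    ("cmd", "NOOP"),
]


def demo():
    """Run the same session against a vulnerable and a fixed channel."""
    vulnerable = FtpControlChannel(close_on_tls_failure=False)
    fixed = FtpControlChannel(close_on_tls_failure=True)
    return (run_script(vulnerable, FAILED_TLS_SESSION),
            run_script(fixed, FAILED_TLS_SESSION),
            credentials_sent_in_clear(vulnerable),
            credentials_sent_in_clear(fixed))


if __name__ == "__main__":
    vuln_replies, fixed_replies, vuln_exposed, fixed_exposed = demo()
    print("vulnerable:", vuln_replies, "credentials in clear:", vuln_exposed)
    print("fixed:     ", fixed_replies, "credentials in clear:", fixed_exposed)
```

The `require_tls` option models the complementary policy of refusing USER and PASS on an unsecured channel; it is an assumed setting in this model, not a documented Serv-U option. Closing the connection on handshake failure is the behaviour the 11.1.0.3 update restores; the policy flag is defence in depth on top of it.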

Impact

  • Security Restriction Bypass
  • Information Disclosure
  • Data Manipulation

System / Technologies affected

  • Serv-U 10.x
  • Serv-U 11.x

Solutions

Before installing the software, please visit the software manufacturer's website for more details.

  • For the Serv-U FTPS Server Command Channel SSL Negotiation Vulnerability,
    update to version 11.1.0.3.

  • For the Serv-U FTP Server Directory Traversal Vulnerability,
    restrict access to trusted users only.
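
As an added example for the directory traversal issue (constructed code, not Serv-U's), the following Python compares a naive path resolver that concatenates the root, working directory and client-supplied path with one that resolves the request segment by segment inside the virtual root and rejects any `..` that would climb above it. Paths are handled in POSIX notation; backslashes are normalised because Windows clients send them. The function names, the `/srv/ftp` root and the sample requests are all assumptions made for this illustration.

```python
"""Resolving a client-supplied FTP path: vulnerable concatenation vs. contained resolution.

Added example, not Serv-U code. Root directory, working directories and the
requested paths are constructed; paths use POSIX notation throughout.
"""
import posixpath


class TraversalAttempt(ValueError):
    """Raised when a client-supplied path would leave the FTP root."""


def naive_resolve(root, cwd, requested):
    """Vulnerable pattern: concatenate and normalise, with no containment check.

    normpath() collapses '..' segments past the root directory, so a request
    such as '../../../etc/passwd' maps to a file outside `root`.
    """
    requested = requested.replace("\\", "/")
    if requested.startswith("/"):
        return posixpath.normpath(root + requested)
    return posixpath.normpath(root + "/" + cwd.strip("/") + "/" + requested)


def safe_resolve(root, cwd, requested):
    """Resolve `requested` inside the virtual root and return the physical path.

    `cwd` is the server-maintained, already canonical virtual working directory.
    The virtual path is built segment by segment; a '..' with nothing left to
    pop means the client tried to climb above the root, which is rejected
    rather than silently clamped.
    """
    if "\x00" in requested:
        raise TraversalAttempt("NUL byte in path")
    requested = requested.replace("\\", "/")   # Windows clients may send backslashes
    # An absolute request starts from the virtual root; a relative one from cwd.
    if requested.startswith("/"):
        stack = []
    else:
        stack = [s for s in cwd.split("/") if s not in ("", ".")]
    for segment in requested.split("/"):
        if segment in ("", "."):
            continue
        if segment == "..":
            if not stack:
                raise TraversalAttempt("path escapes the FTP root: %r" % requested)
            stack.pop()
            continue
        stack.append(segment)
    return posixpath.join(root.rstrip("/") or "/", *stack)


def within_root(root, cwd, requested):
    """Convenience check: does the request resolve inside the root?"""
    try:
        safe_resolve(root, cwd, requested)
        return True
    except TraversalAttempt:
        return False


# Constructed requests: two legitimate, two traversal attempts (one Windows-style).
SAMPLE_REQUESTS = [
    ("/pub", "../incoming/report.txt"),
    ("/pub", "/docs/readme.txt"),
    ("/", "../../../etc/passwd"),
    ("/pub", "..\\..\\..\\windows\\win.ini"),
]

if __name__ == "__main__":
    root = "/srv/ftp"
    for cwd, req in SAMPLE_REQUESTS:
        verdict = "ok" if within_root(root, cwd, req) else "REJECTED"
        print("%-28r naive=%-22s safe=%s" % (req, naive_resolve(root, cwd, req), verdict))
```

Rejecting an over-deep `..` instead of clamping it to the root is deliberate: a clamped request still succeeds, so the attempt never shows up in logs, whereas a `TraversalAttempt` can be logged and counted per user, which is exactly the signal an operator wants when access cannot be limited to trusted users.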


Vulnerability Identifier

  • No CVE information is available
