FTP: Serv-U 'STOU' Command Denial of Service
This signature detects an attempt to exploit a denial of service condition in the Serv-U FTP daemon. By supplying a STOU request containing a MS-DOS device name, a client can cause the server to crash.
Extended Description
Serv-U FTP Server is reported prone to a denial of service vulnerability. This issue presents itself because the application fails to handle exceptional conditions. The vulnerability is a result of Serv-U FTP Server processing certain 'STOU' commands. All versions of Serv-U prior to 5.2.0.1 are reportedly affected by this vulnerability.
Affected Products
Rhino_software serv-u
Short Name
FTP:SERVU:STOU-DOS
Severity
Minor
Recommended
False
Recommended Action
None
Category
FTP
Keywords
'STOU' CVE-2004-1675 Command Denial Serv-U Service bid:11155 of
Release Date
01/19/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Rhino_software
CVSS Score
5.0