Intrusion Prevention

Serv-U.FTP.site.chmod.LongFilename.Remote.Buffer.Overflow

Description

This indicates a possible attempt to exploit a Buffer Overflow in Serv-U FTP.
The vulnerability is due to the application's failure to sanitize the arguments of the "SITE CHMOD" command. An attacker can exploit this to execute arbitrary code on vulnerable systems by sending a "SITE CHMOD" command with an overly long filename.

Affected Products

RhinoSoft Serv-U 4.1.0.11
RhinoSoft Serv-U 4.1
RhinoSoft Serv-U 4.0.0.4
RhinoSoft Serv-U 3.1
RhinoSoft Serv-U 3.0

Impact

System Compromise: Allows remote attackers to execute arbitrary code.

Recommended Actions

Upgrade to Serv-U FTP server 5.0 and later versions at:
http://www.serv-u.com

CVE References

CVE-2004-2111