Check Point Advisories

Preemptive Protection against RhinoSoft Serv-U FTP Server 'rnto' Command Directory Traversal Vulnerability

Check Point Reference: CPAI-2009-308
Date Published: 14 Dec 2009
Severity: Critical
Last Updated: Friday 12 July, 2002
Source: BugTraq ID: 31563
Industry Reference:N/A
Protection Provided by:
Who is Vulnerable? Serv-U FTP server 7.2.0.1
Vulnerability Description A directory-traversal vulnerability was reported in RhinoSoft Serv-U FTP. The application fails to sufficiently sanitize user-supplied input. Remote attackers can exploit this issue by write arbitrary files to locations outside of the application's current directory.
Update/Patch AvaliableAt the time of writing the vendor has not supplied a patch.
Vulnerability DetailsAn attacker can exploit this issue by convincing a user to connect to a malicious server.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK