CVE-2002-2393

Serv-U File Server 3.0-4.0.0.4 - Denial of Service via MKD Command

Title source: llm
STIX 2.1

Description

Serv-U FTP server 3.0, 3.1 and 4.0.0.4 does not accept new connections while validating user folder access rights, which allows remote attackers to cause a denial of service (no new connections) via a series of MKD commands.

References (3)

Core 3
Core References
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-11/0109.html
Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/6112
Third Party Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/10573.php

Scores

EPSS 0.0730
EPSS Percentile 91.8%

Details

CWE
CWE-20
Status published
Products (2)
solarwinds/serv-u_file_server 3.1.0.0
solarwinds/serv-u_file_server 4.0.0.4
Published Dec 31, 2002
Tracked Since Feb 18, 2026