CVE-2004-0330

Serv-U ftp <5.0.0.4 - RCE

Title source: llm

Description

Buffer overflow in Serv-U ftp before 5.0.0.4 allows remote authenticated users to execute arbitrary code via a long time zone argument to the MDTM command.

Exploits (7)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16715

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Sam · cremotewindows

https://www.exploit-db.com/exploits/158

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by lion · cremotewindows

https://www.exploit-db.com/exploits/23763

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by shaun2k2 · cdoswindows

https://www.exploit-db.com/exploits/23762

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by shaun2k2 · cdoswindows

https://www.exploit-db.com/exploits/23761

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by saintjmf · perldoswindows

https://www.exploit-db.com/exploits/23760

View Code ZIP pw:eip

metasploit WORKING POC GOOD

by spoonm · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/ftp/servu_mdtm.rb

View Code ZIP pw:eip

References (4)

[Mailing List] http://marc.info/?l=bugtraq&m=107781164214399&w=2

[Exploit, Vendor Advisory] http://www.securityfocus.com/bid/9751

[Vendor Advisory] http://www.cnhonker.com/advisory/serv-u.mdtm.txt

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/15323

Scores

EPSS 0.8314

EPSS Percentile 99.3%

Details

CWE

CWE-119

Status published

Products (9)

solarwinds/serv-u_file_server 3.0.0.16

solarwinds/serv-u_file_server 3.0.0.17

solarwinds/serv-u_file_server 3.1.0.0

solarwinds/serv-u_file_server 3.1.0.1

solarwinds/serv-u_file_server 3.1.0.3

solarwinds/serv-u_file_server 4.0.0.4

solarwinds/serv-u_file_server 4.1.0.0

solarwinds/serv-u_file_server 4.1.0.3

solarwinds/serv-u_file_server < 5.0.0.0

Published Nov 23, 2004

Tracked Since Feb 18, 2026