CVE-2004-0330

Serv-U File Server < 5.0.0.0 - Authenticated Buffer Overflow via MDTM Command

Title source: manual
STIX 2.1

Exploitation Summary

EIP tracks 7 public exploits for CVE-2004-0330. PoCs published by Metasploit, Sam, lion, including Metasploit module exploits/windows/ftp/servu_mdtm.

AI-analyzed exploit summary This is a Metasploit module exploiting a buffer overflow in Serv-U FTP Server's MDTM command (CVE-2004-0330). It targets multiple versions (4.0.0.4, 4.1.0.0, 4.1.0.3, 5.0.0.0) and includes a customizable payload with bad character avoidance and SEH overwrite techniques.

Description

Buffer overflow in Serv-U ftp before 5.0.0.4 allows remote authenticated users to execute arbitrary code via a long time zone argument to the MDTM command.

Exploits (7)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16715

This is a Metasploit module exploiting a buffer overflow in Serv-U FTP Server's MDTM command (CVE-2004-0330). It targets multiple versions (4.0.0.4, 4.1.0.0, 4.1.0.3, 5.0.0.0) and includes a customizable payload with bad character avoidance and SEH overwrite techniques.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Serv-U FTP Server (versions prior to 5.0.0.4)
Auth required
Prerequisites: Network access to vulnerable Serv-U FTP Server · Valid FTP credentials
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Sam · cremotewindows
https://www.exploit-db.com/exploits/158

This exploit targets a buffer overflow vulnerability in Serv-U FTPD 3.x/4.x/5.x via the MDTM command. It includes shellcode for remote code execution, supporting multiple Windows versions and architectures.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Serv-U FTPD 3.x/4.x/5.x
Auth required
Prerequisites: Network access to the target FTP server · Valid FTP credentials
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by lion · cremotewindows
https://www.exploit-db.com/exploits/23763

This is a functional exploit for CVE-2004-0330, targeting a stack-based buffer overflow in Serv-U FTP Server via the MDTM command. It includes shellcode for remote code execution and supports multiple targets and configurations.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Serv-U FTP Server 2.x/3.x/4.x/5.x
Auth required
Prerequisites: Valid FTP account (including anonymous) · Network access to the FTP server
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by shaun2k2 · cdoswindows
https://www.exploit-db.com/exploits/23762

This exploit demonstrates a stack-based buffer overflow in Serv-U FTP Server via the MDTM command. It sends an overly large time zone argument to crash the server, though arbitrary code execution is possible.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Serv-U FTP Server (version not specified)
Auth required
Prerequisites: Valid FTP credentials · Network access to the target server
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by shaun2k2 · cdoswindows
https://www.exploit-db.com/exploits/23761

This exploit targets a stack-based buffer overflow in Serv-U FTP Server via the MDTM command. It sends an overly large filename parameter to crash the server, with potential for arbitrary code execution.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Serv-U FTP Server (version not specified)
Auth required
Prerequisites: Valid login credentials · Network access to the FTP server
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by saintjmf · perldoswindows
https://www.exploit-db.com/exploits/23760

This exploit targets a stack-based buffer overflow in Serv-U FTP Server via the MDTM command. It sends a maliciously crafted time zone argument to trigger the vulnerability, potentially causing a denial-of-service (DoS) by crashing the server.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Serv-U FTP Server (version not specified, likely pre-2004)
Auth required
Prerequisites: Valid username and password for the FTP server · Network access to the target FTP server
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC GOOD
by spoonm · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/ftp/servu_mdtm.rb

This Metasploit module exploits a buffer overflow in Serv-U FTP Server's MDTM command (CVE-2004-0330) to achieve remote code execution. It includes payload handling, SEH overwrites, and version-specific adjustments for reliability.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Serv-U FTP Server (versions 4.0.0.4, 4.1.0.0, 4.1.0.3, 5.0.0.0)
Auth required
Prerequisites: Network access to Serv-U FTP Server · Valid FTP credentials
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/15323
Vendor Advisory x_refsource_misc
http://www.cnhonker.com/advisory/serv-u.mdtm.txt
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=107781164214399&w=2
Exploit, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/9751

Scores

EPSS 0.8547
EPSS Percentile 99.7%

Details

CWE
CWE-119
Status published
Products (9)
solarwinds/serv-u_file_server 3.0.0.16
solarwinds/serv-u_file_server 3.0.0.17
solarwinds/serv-u_file_server 3.1.0.0
solarwinds/serv-u_file_server 3.1.0.1
solarwinds/serv-u_file_server 3.1.0.3
solarwinds/serv-u_file_server 4.0.0.4
solarwinds/serv-u_file_server 4.1.0.0
solarwinds/serv-u_file_server 4.1.0.3
solarwinds/serv-u_file_server < 5.0.0.0
Published Nov 23, 2004
Tracked Since Feb 18, 2026