CVE-2005-3467

Serv-U File Server < 6.1.0.4 - Denial of Service via Malformed Packets

Title source: llm
STIX 2.1

Description

Serv-U FTP Server before 6.1.0.4 allows attackers to cause a denial of service (crash) via (1) malformed packets and possibly other unspecified issues with unknown impact and attack vectors including (2) use of "~" in a pathname, and (3) memory consumption of the daemon. NOTE: it is not clear whether items (2) and above are vulnerabilities.

References (5)

Core 5
Core References
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2005/2267
Various Sources x_refsource_confirm
http://www.serv-u.com/releasenotes.asp
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/17409
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1015151
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/15273

Scores

EPSS 0.0204
EPSS Percentile 84.1%

Details

CWE
CWE-20
Status published
Products (20)
solarwinds/serv-u_file_server 3.0.0.16
solarwinds/serv-u_file_server 3.0.0.17
solarwinds/serv-u_file_server 3.1.0.0
solarwinds/serv-u_file_server 3.1.0.1
solarwinds/serv-u_file_server 3.1.0.3
solarwinds/serv-u_file_server 4.0.0.4
solarwinds/serv-u_file_server 4.1.0.0
solarwinds/serv-u_file_server 4.1.0.3
solarwinds/serv-u_file_server 5.0.0.0
solarwinds/serv-u_file_server 5.0.0.4
... and 10 more
Published Nov 02, 2005
Tracked Since Feb 18, 2026