RhinoSoft Serv-U FTP Server LIST Parameter Buffer Overflow Vulnerability

Reportedly Serv-U is affected by a remote buffer overflow vulnerability in the list parameter. This issue is due to a failure of the application to properly validate buffer boundaries during processing of user input.

Successful exploitation would immediately produce a denial of service condition in the affected process. This issue may also be leveraged to execute code on the affected system with the privileges of the user that invoked the vulnerable application, although this has not been confirmed.


 

Privacy Statement
Copyright 2010, SecurityFocus