First published: Wed Nov 02 2005(Updated: )
Serv-U FTP Server before 6.1.0.4 allows attackers to cause a denial of service (crash) via (1) malformed packets and possibly other unspecified issues with unknown impact and attack vectors including (2) use of "~" in a pathname, and (3) memory consumption of the daemon. NOTE: it is not clear whether items (2) and above are vulnerabilities.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
SolarWinds Serv-U | <=6.1.0.1 | |
SolarWinds Serv-U | =3.0.0.16 | |
SolarWinds Serv-U | =3.0.0.17 | |
SolarWinds Serv-U | =3.1.0.0 | |
SolarWinds Serv-U | =3.1.0.1 | |
SolarWinds Serv-U | =3.1.0.3 | |
SolarWinds Serv-U | =4.0.0.4 | |
SolarWinds Serv-U | =4.1.0.0 | |
SolarWinds Serv-U | =4.1.0.3 | |
SolarWinds Serv-U | =5.0.0.0 | |
SolarWinds Serv-U | =5.0.0.4 | |
SolarWinds Serv-U | =5.0.0.9 | |
SolarWinds Serv-U | =5.0.0.11 | |
SolarWinds Serv-U | =5.1.0.0 | |
SolarWinds Serv-U | =5.2.0.0 | |
SolarWinds Serv-U | =5.2.0.1 | |
SolarWinds Serv-U | =6.0.0.0 | |
SolarWinds Serv-U | =6.0.0.1 | |
SolarWinds Serv-U | =6.0.0.2 | |
SolarWinds Serv-U | =6.1.0.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2005-3467 is classified as a denial of service vulnerability that can crash the Serv-U FTP Server.
To fix CVE-2005-3467, upgrade the Serv-U FTP Server to version 6.1.0.4 or later.
CVE-2005-3467 affects all versions of Serv-U FTP Server prior to 6.1.0.4.
Attackers can exploit CVE-2005-3467 through malformed packets and pathname manipulation.
CVE-2005-3467 can lead to a denial of service, causing the FTP server to crash.