Update Protection against Rhino Software Serv-U FTP Server RNTO Command Directory Traversal

| Check Point Reference: | CPAI-2008-227 |
| Date Published: | |
| Severity: | |
| Source: | Bugtraq ID: 31563 |
| Industry Reference(s): | CVE-2008-4501 |
| Protection Provided by: | IPS-1 |

Who is Vulnerable?
Rhino Software Serv-U 7.2.0.1 and earlier versions

Vulnerability Description
A directory traversal vulnerability was reported in Serv-U FTP Server. Serv-U is a widely used FTP server that includes advanced features such as SSL support, ODBC, virtual directories and more. This vulnerability allows a remote authenticated attacker to access normally inaccessible files and directories through a specially crafted FTP request, and may also facilitate the launch of other attacks.

Vulnerability Details
The vulnerability exists because Serv-U FTP Server does not properly sanitize the RNTO FTP command. The RNTO command provides the new name for a file or directory specified by the preceding RNFR command. An attacker exploiting this vulnerability gains access to all files on the Serv-U FTP Server.

Protection Overview
By enabling this protection, IPS-1 will detect and block attempts by FTP users to access directories above the configured server root directory.
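
The check this protection describes, resolving each RNTO target against the session's virtual root and flagging any that lands above it, can be written as follows. This is an added example, not Check Point's or Rhino Software's code; the function names, the sample session and its generic traversal sequences are constructed for illustration, and it assumes every CWD in the log succeeded.

```python
# Added example: flag RNTO targets that resolve above the FTP virtual root.
SAMPLE_SESSION = [  # constructed command log, not captured traffic
    "USER alice",
    "CWD /uploads/reports",
    "RNFR draft.txt",
    "RNTO final.txt",
    "RNFR final.txt",
    "RNTO ../archive/final.txt",            # stays inside the root
    "RNFR notes.txt",
    "RNTO ..\\..\\..\\outside\\notes.txt",  # climbs above the root
]

def resolve_virtual(cwd, arg):
    """Normalize arg against the virtual cwd; None if it leaves the root."""
    arg = arg.replace("\\", "/")  # assumption: server accepts both separators
    if len(arg) >= 2 and arg[1] == ":":
        return None  # drive-letter path is never inside the virtual root
    parts = [] if arg.startswith("/") else [p for p in cwd.split("/") if p]
    for seg in arg.split("/"):
        if seg in ("", "."):
            continue
        if seg == "..":
            if not parts:
                return None  # would step above "/"
            parts.pop()
        else:
            parts.append(seg)
    return "/" + "/".join(parts)

def find_rnto_escapes(commands, cwd="/"):
    """Return (line_no, rnfr_arg, rnto_arg) for every RNTO leaving the root."""
    alerts, rnfr = [], None
    for n, line in enumerate(commands, 1):
        verb, _, arg = line.strip().partition(" ")
        verb = verb.upper()
        if verb == "CWD":
            cwd = resolve_virtual(cwd, arg) or cwd
        elif verb == "RNTO" and resolve_virtual(cwd, arg) is None:
            alerts.append((n, rnfr, arg))
        # RNTO is only meaningful directly after RNFR, so remember just that
        rnfr = arg if verb == "RNFR" else None
    return alerts

if __name__ == "__main__":
    for n, src, dst in find_rnto_escapes(SAMPLE_SESSION):
        print(f"line {n}: RNTO {dst!r} (from {src!r}) resolves above the root")
```

The same resolution step applied on the server side, rejecting any RNTO whose normalized target is `None`, is the input sanitization the vulnerable versions lack.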
To configure the defense, select your product from the list below and follow the related protection steps.