FTP Attack (Attack ID: 200020)

Release Date: 2009-09-27

Attack Name: Serv-U directory traversal

OS Type: Windows

Application Type

Severity: Critical

BUG ID

CVE ID

 

Description

Serv-U FTP from Rhino Software Inc. is an FTP server for Windows 2000, NT and 9x systems. The vulnerability is present in Serv-U FTP Server versions 2.5a through 2.5h. Because of an error in the Unicode support implementation, a submitted '%20..%20..' sequence is decoded into '..', which allows an attacker to traverse the directory structure of the server.
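The following detection check is an added example written for this page, not part of the original signature or Serv-U itself. It decodes the path argument of FTP commands the way the faulty decoder described above would (whitespace and slashes both act as separators, so '%20..%20..' collapses to '../..'), and flags any command whose path would climb above the FTP root. It goes slightly beyond the advisory by also decoding repeatedly, so a double-encoded '%2520..' variant is caught too; the command lines and the PATH_COMMANDS set are constructed assumptions.

```python
import re
from urllib.parse import unquote

# Constructed sample FTP control-channel lines (not from the original page):
# a normal path, the "%20..%20.." form the advisory describes, a plain "..",
# a path that climbs but stays under the root, and a double-encoded variant.
SAMPLE_COMMANDS = [
    "CWD pub/incoming",
    "CWD %20..%20..",
    "CWD ../..",
    "CWD pub/../incoming",
    "RETR %2520..%2520../notes.txt",
    "STOR report.txt",
]

# FTP verbs that take a path argument (assumed list for this example).
PATH_COMMANDS = {"CWD", "XCWD", "RETR", "STOR", "DELE", "LIST", "NLST", "MKD", "RMD"}


def fully_decode(raw: str, rounds: int = 3) -> str:
    """Percent-decode until the string stops changing, so "%2520" -> "%20" -> " "."""
    for _ in range(rounds):
        decoded = unquote(raw)
        if decoded == raw:
            break
        raw = decoded
    return raw


def escapes_root(path: str) -> bool:
    """Walk the decoded path as a lenient decoder would: whitespace, "/" and "\\"
    are all separators, so " .. .." behaves like "../..". Return True as soon as
    the walk would climb above the FTP root."""
    depth = 0
    for seg in re.split(r"[\s/\\]+", fully_decode(path)):
        if seg in ("", "."):
            continue
        if seg == "..":
            depth -= 1
            if depth < 0:
                return True
        else:
            depth += 1
    return False


def flag_traversal(lines):
    """Return the command lines whose path argument would leave the FTP root."""
    flagged = []
    for line in lines:
        verb, _, arg = line.partition(" ")
        if verb.upper() in PATH_COMMANDS and arg and escapes_root(arg):
            flagged.append(line)
    return flagged


if __name__ == "__main__":
    for hit in flag_traversal(SAMPLE_COMMANDS):
        print("traversal attempt:", hit)
```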

Impact:
An attacker can download and upload files anywhere on the same partition as the FTP root. Only a standard user account with read and write access to its home folder is required.

Affected Systems:
Rhino Software Inc. Serv-U v2.4
Rhino Software Inc. Serv-U v2.5
Rhino Software Inc. Serv-U v3.0 beta
Note: Rhino Software Inc. Serv-U 2.5i is not affected.

Additional References:
http://www.osvdb.org/464
http://cgi.nessus.org/plugins/dump.php3?id=10565

 

Solution

Ensure the system is running an up-to-date version of the software and that all vendor-supplied patches have been applied.