Search the Community
Showing results for tags 'serv-u'.
-
This Metasploit module attempts to gain root privileges on systems running Serv-U FTP Server versions prior to 15.1.7. The Serv-U executable is setuid root, and uses ARGV[0] in a call to system(), without validation, when invoked with the -prepareinstallation flag, resulting in command execution with root privileges. This module has been tested successfully on Serv-U FTP Server version 15.1.6 (x64) on Debian 9.6 (x64). View the full article
-
SolarWinds Serv-U FTP version 15.1.6.25 suffers from a cross site scripting vulnerability. View the full article
-
- solarwinds
- serv-u
- (and 5 more)
-
SolarWinds Serv-U FTP Server version 15.1.6 is vulnerable to privilege escalation from remote authenticated users by leveraging the CSV user import function. This leads to obtaining remote code execution under the context of the Windows SYSTEM account in a default installation. View the full article
-
- solarwinds
- serv-u
-
(and 4 more)
Tagged with: