GCVE - cpe:2.3:a:solarwinds:serv-u_file_server:3.1.0.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:solarwinds:serv-u_file_server:3.1.0.0:*:*:*:*:*:*:*

part: a version: 3.1.0.0 update: *

Vendor	Solarwinds (`c393915a-764f-5773-8a18-db4a4d0f1496`)
Product	Serv U File Server (`5c0d0316-6624-5b58-b393-cc2b07d1d78e`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2011-4800`	vulnerable	2026-06-03 14:31:26.258352	Details available Directory traversal vulnerability in Serv-U FTP Server before 11.1.0.5 allows remote authenticated users to read and write arbitrary files, and list and create arbitrary directories, via a "..:/" (dot dot colon forward slash) in the (1) list, (2) put, or (3) get commands. Published: 2011-12-14T00:00:00.000Z Updated: 2024-09-16T23:01:04.984Z Open on db.gcve.eu Reference links http://archives.neohapsis.com/archives/fulldisclosure/2011-11/0454.html http://secunia.com/advisories/47021 http://www.serv-u.com/releasenotes/ http://www.exploit-db.com/exploits/18182	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-4815`	vulnerable	2026-06-03 14:29:59.253338	Details available Directory traversal vulnerability in Serv-U before 9.2.0.1 allows remote authenticated users to read arbitrary files via unspecified vectors. Published: 2010-04-27T15:00:00.000Z Updated: 2024-08-07T07:17:25.935Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/37414 http://secunia.com/advisories/37847 https://exchange.xforce.ibmcloud.com/vulnerabilities/54932 http://www.serv-u.com/releasenotes/ http://www.vupen.com/english/advisories/2009/3595	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-3467`	vulnerable	2026-06-03 14:27:09.994606	Details available Serv-U FTP Server before 6.1.0.4 allows attackers to cause a denial of service (crash) via (1) malformed packets and possibly other unspecified issues with unknown impact and attack vectors including (2) use of "~" in a pathname, and (3) memory consumption of the daemon. NOTE: it is not clear whether items (2) and above are vulnerabilities. Published: 2005-11-02T23:00:00.000Z Updated: 2024-08-07T23:10:08.932Z Open on db.gcve.eu Reference links http://www.vupen.com/english/advisories/2005/2267 http://www.serv-u.com/releasenotes.asp http://secunia.com/advisories/17409 http://securitytracker.com/id?1015151 http://www.securityfocus.com/bid/15273	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-2532`	vulnerable	2026-06-03 14:26:47.846558	Details available Serv-U FTP server before 5.1.0.0 has a default account and password for local administration, which allows local users to execute arbitrary commands by connecting to the server using the default administrator account, creating a new user, logging in as that new user, and then using the SITE EXEC command. Published: 2005-10-25T04:00:00.000Z Updated: 2024-08-08T01:29:13.666Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/10886 https://exchange.xforce.ibmcloud.com/vulnerabilities/16925 http://www.osvdb.org/8877 http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0216.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-2111`	vulnerable	2026-06-03 14:26:46.379385	Details available Stack-based buffer overflow in the site chmod command in Serv-U FTP Server before 4.2 allows remote attackers to execute arbitrary code via a long filename. Published: 2005-05-27T04:00:00.000Z Updated: 2024-08-08T01:15:01.513Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/14931 http://www.securityfocus.com/bid/9483 http://securitytracker.com/id?1008841 http://www.securityfocus.com/bid/9675 http://marc.info/?l=bugtraq&m=107513654005840&w=2	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-1992`	vulnerable	2026-06-03 14:26:46.010832	Details available Buffer overflow in Serv-U FTP server before 5.0.0.6 allows remote attackers to cause a denial of service (crash) via a long -l parameter, which triggers an out-of-bounds read. Published: 2005-05-10T04:00:00.000Z Updated: 2024-08-08T01:07:49.233Z Open on db.gcve.eu Reference links http://marc.info/?l=bugtraq&m=108360377119290&w=2 http://www.osvdb.org/5546 http://www.securityfocus.com/bid/10181 http://www.securiteam.com/windowsntfocus/5ZP0G2KCKA.html http://secunia.com/advisories/11430	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-0330`	vulnerable	2026-06-03 14:26:35.126106	Details available Buffer overflow in Serv-U ftp before 5.0.0.4 allows remote authenticated users to execute arbitrary code via a long time zone argument to the MDTM command. Published: 2004-03-18T05:00:00.000Z Updated: 2024-08-08T00:17:14.340Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/15323 http://www.cnhonker.com/advisory/serv-u.mdtm.txt http://marc.info/?l=bugtraq&m=107781164214399&w=2 http://www.securityfocus.com/bid/9751	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-2393`	vulnerable	2026-06-03 14:26:23.941942	Details available Serv-U FTP server 3.0, 3.1 and 4.0.0.4 does not accept new connections while validating user folder access rights, which allows remote attackers to cause a denial of service (no new connections) via a series of MKD commands. Published: 2007-10-31T16:00:00.000Z Updated: 2024-09-17T02:16:14.362Z Open on db.gcve.eu Reference links http://archives.neohapsis.com/archives/bugtraq/2002-11/0109.html http://www.securityfocus.com/bid/6112 http://www.iss.net/security_center/static/10573.php	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

SolarWinds Serv-U File Server 3.1.0.0

PURL mappings

Vulnerability references

Contribute