GCVE - cpe:2.3:a:solarwinds:serv-u_file_server:8.0.0.2:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:solarwinds:serv-u_file_server:8.0.0.2:*:*:*:*:*:*:*

part: a version: 8.0.0.2 update: *

Vendor	Solarwinds (`c393915a-764f-5773-8a18-db4a4d0f1496`)
Product	Serv U File Server (`5c0d0316-6624-5b58-b393-cc2b07d1d78e`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2011-4800`	vulnerable	2026-06-03 14:31:26.281330	Details available Directory traversal vulnerability in Serv-U FTP Server before 11.1.0.5 allows remote authenticated users to read and write arbitrary files, and list and create arbitrary directories, via a "..:/" (dot dot colon forward slash) in the (1) list, (2) put, or (3) get commands. Published: 2011-12-14T00:00:00.000Z Updated: 2024-09-16T23:01:04.984Z Open on db.gcve.eu Reference links http://archives.neohapsis.com/archives/fulldisclosure/2011-11/0454.html http://secunia.com/advisories/47021 http://www.serv-u.com/releasenotes/ http://www.exploit-db.com/exploits/18182	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-4815`	vulnerable	2026-06-03 14:29:59.268447	Details available Directory traversal vulnerability in Serv-U before 9.2.0.1 allows remote authenticated users to read arbitrary files via unspecified vectors. Published: 2010-04-27T15:00:00.000Z Updated: 2024-08-07T07:17:25.935Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/37414 http://secunia.com/advisories/37847 https://exchange.xforce.ibmcloud.com/vulnerabilities/54932 http://www.serv-u.com/releasenotes/ http://www.vupen.com/english/advisories/2009/3595	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-4006`	vulnerable	2026-06-03 14:29:55.123661	Details available Stack-based buffer overflow in the TEA decoding algorithm in RhinoSoft Serv-U FTP server 7.0.0.1, 9.0.0.5, and other versions before 9.1.0.0 allows remote attackers to execute arbitrary code via a long hexadecimal string. Published: 2009-11-20T11:00:00.000Z Updated: 2024-08-07T06:45:51.054Z Open on db.gcve.eu Reference links http://www.osvdb.org/60427 http://www.securitytracker.com/id?1023199 http://www.securityfocus.com/archive/1/507955/100/0/threaded http://secunia.com/secunia_research/2009-46/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6142	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-3655`	vulnerable	2026-06-03 14:29:52.633337	Details available Rhino Software Serv-U 7.0.0.1 through 8.2.0.3 allows remote attackers to cause a denial of service (server crash) via unspecified vectors related to the "SITE SET TRANSFERPROGRESS ON" FTP command. Published: 2009-10-09T14:18:00.000Z Updated: 2024-08-07T06:38:29.570Z Open on db.gcve.eu Reference links http://secunia.com/advisories/36873 http://www.serv-u.com/releasenotes/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5798	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

SolarWinds Serv-U File Server 8.0.0.2

PURL mappings

Vulnerability references

Contribute