List: bugtraqSubject: Serv-U up to 5.2 Denial of ServiceFrom: Patrick Date: 2004-09-11 8:49:43Message-ID: <20040911084943.17707.qmail () www ! securityfocus ! com>[Download message RAW] Serv-U FTP server is a secure, advanced FTP server for Windows. However, like most \programs, it is not completely bugfree. I (and maybe more people with me) found this bug some time ago. It can be triggered \as *every* user that can log in, anonymous included, and exists in possibly every \version. (At least 4.x and 5.x series). The exploit might be a clich?but it might threaten (hosting and other) companies \that use this FTP server. Following commands will trigger the crash: STOU COM1STOU LPT1STOU PRNSTOU AUX However, "STOU NUL" does NOT work. Greetings,Patrick