VULHUB ™

RhinoSoft Serv-U FTP Server has been reported prone to an insecure file permission vulnerability. Specifically, a configuration file is created with insecure permissions by default. Because of this any local user may make modifications to the file and ultimately may exploit this condition to gain elevated privileges. It should be noted that although this vulnerability has been reported to affect RhinoSoft Serv-U FTP Server version 4.1.0.0, other versions might also be affected.

RhinoSoft Serv-U FTP Server has been reported prone to an insecure file permission vulnerability. Specifically, a configuration file is created with insecure permissions by default. Because of this any local user may make modifications to the file and ultimately may exploit this condition to gain elevated privileges. It should be noted that although this vulnerability has been reported to affect RhinoSoft Serv-U FTP Server version 4.1.0.0, other versions might also be affected.