CVE-2004-2532 - Unideal Cheek

Description

Serv-U FTP server before 5.1.0.0 has a default account and password for local administration which allows local users to execute arbitrary commands by connecting to the server using the default administrator account creating a new user logging in as that new user and then using the SITE EXEC command.

Reference

http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0216.html http://www.securityfocus.com/bid/10886 http://www.osvdb.org/8877 https://exchange.xforce.ibmcloud.com/vulnerabilities/16925