Patch now! Attackers attack file transfer server SolwarWinds Serv-U
In the course of attacks on SolwarWinds Serv-U, attackers gain access to files that are actually protected.
(Image: Artur Szczybylo/Shutterstock.com)
SolwarWinds file transfer servers SolwarWinds Serv-U FTP and Serv-U MFT are vulnerable and attackers are currently actively exploiting a security vulnerability. A hardened version is available and admins should install it as soon as possible.
The security problem
Security researchers from Greynoise report on attempted attacks in an article. The extent of the attacks is currently unknown. Attacks on the path traversal vulnerability (CVE-2024-28995"high") are said to be relatively simple to carry out.
Sending a prepared get request is sufficient for attackers to access user account data (\etc/passwd) under Linux, for example. No authentication should be required for this. Attackers with higher user rights can then spread through the system and wreak further havoc.
Countermeasure
To secure systems, admins must install the repaired SolarWinds Serv-U 15.4.2 HF2 release,according to the official warning. All previous editions are said to be vulnerable.
(des)
