CVE Vulnerabilities

CVE-2004-2318

Published: Dec 31, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

The administrative interface (surgeftpmgr.cgi) for SurgeFTP Server 1.0b through 2.2k1 allows remote attackers to cause a temporary denial of service (crash) via requests with two percent (%) signs in the CMD parameter.

Affected Software

Name Vendor Start Version End Version
Surgeftp Netwin 1.0b 1.0b
Surgeftp Netwin 1.0b 1.0b
Surgeftp Netwin 2.0a 2.0a
Surgeftp Netwin 2.0a 2.0a
Surgeftp Netwin 2.0b 2.0b
Surgeftp Netwin 2.0b 2.0b
Surgeftp Netwin 2.0c 2.0c
Surgeftp Netwin 2.0d 2.0d
Surgeftp Netwin 2.0e 2.0e
Surgeftp Netwin 2.0f 2.0f
Surgeftp Netwin 2.2k1 2.2k1

References