Описание
Buffer overflow in NetWin SurgeFTP before 23d2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string within the authentication request.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.3b1 (включая)
Одно из
cpe:2.3:a:netwin:surgeftp:*:*:*:*:*:*:*:*
cpe:2.3:a:netwin:surgeftp:2.0c:*:*:*:*:*:*:*
cpe:2.3:a:netwin:surgeftp:2.0d:*:*:*:*:*:*:*
cpe:2.3:a:netwin:surgeftp:2.0e:*:*:*:*:*:*:*
cpe:2.3:a:netwin:surgeftp:2.0f:*:*:*:*:*:*:*
cpe:2.3:a:netwin:surgeftp:2.2k1:*:*:*:*:*:*:*
cpe:2.3:a:netwin:surgeftp:2.2k3:*:*:*:*:*:*:*
cpe:2.3:a:netwin:surgeftp:2.2m1:*:*:*:*:*:*:*
cpe:2.3:a:netwin:surgeftp:2.3a1:*:*:*:*:*:*:*
cpe:2.3:a:netwin:surgeftp:2.3a2:*:*:*:*:*:*:*
cpe:2.3:a:netwin:surgeftp:2.3a6:*:*:*:*:*:*:*
cpe:2.3:a:netwin:surgeftp:2.3a7:*:*:*:*:*:*:*
cpe:2.3:a:netwin:surgeftp:2.3a8:*:*:*:*:*:*:*
cpe:2.3:a:netwin:surgeftp:2.3a9:*:*:*:*:*:*:*
cpe:2.3:a:netwin:surgeftp:2.3a10:*:*:*:*:*:*:*
cpe:2.3:a:netwin:surgeftp:2.3a12:*:*:*:*:*:*:*
EPSS
Процентиль: 88%
0.03708
Низкий
7.5 High
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
больше 3 лет назад
Buffer overflow in NetWin SurgeFTP before 23d2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string within the authentication request.
EPSS
Процентиль: 88%
0.03708
Низкий
7.5 High
CVSS2
Дефекты
CWE-119