CVE-2004-2318

Published Dec 31, 2004

Last updated 7 years ago

CVSS info 5.0

Overview

Description: The administrative interface (surgeftpmgr.cgi) for SurgeFTP Server 1.0b through 2.2k1 allows remote attackers to cause a temporary denial of service (crash) via requests with two percent (%) signs in the CMD parameter.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:netwin:surgeftp:1.0b:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BE4FD50F-DDFA-40AD-BFCC-F606CEF450F1"
          },
          {
            "criteria": "cpe:2.3:a:netwin:surgeftp:1.0b:*:win_95_98:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "691BD1B5-A764-4A81-9825-2EF10490DE66"
          },
          {
            "criteria": "cpe:2.3:a:netwin:surgeftp:2.0a:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AC94C372-7536-4692-AEA7-B58B32E2A5F1"
          },
          {
            "criteria": "cpe:2.3:a:netwin:surgeftp:2.0a:*:win_95_98:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "99A48AB6-6307-48FE-8AA0-8F04610FE3F5"
          },
          {
            "criteria": "cpe:2.3:a:netwin:surgeftp:2.0b:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "59DB045D-91F6-4AFC-8331-F2155D38D5FE"
          },
          {
            "criteria": "cpe:2.3:a:netwin:surgeftp:2.0b:*:win_95_98:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3FF5F8DD-1639-4F4D-AB47-FC6ED5FB47A3"
          },
          {
            "criteria": "cpe:2.3:a:netwin:surgeftp:2.0c:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C38E3BA1-DD78-4CB8-A680-B7D99CAD84B8"
          },
          {
            "criteria": "cpe:2.3:a:netwin:surgeftp:2.0d:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "283FCBC2-3C13-491C-A145-4177F7C37EA4"
          },
          {
            "criteria": "cpe:2.3:a:netwin:surgeftp:2.0e:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2DE7C06B-1376-4095-A284-14F310D7AA5E"
          },
          {
            "criteria": "cpe:2.3:a:netwin:surgeftp:2.0f:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9C2BB9D2-70AE-4684-B4E7-32610DD9DDC1"
          },
          {
            "criteria": "cpe:2.3:a:netwin:surgeftp:2.2k1:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0192C7F5-18F3-4157-BA85-8B4D7076C8AE"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References