PT-2007-5007 · Surgeftp · Surgeftp

Nico Leidecker

·

Publicado

2007-07-15

·

Atualizado

2017-07-29

·

CVE-2007-3768

CVSS v2.0

8.5

Alta

VetorAV:N/AC:L/Au:N/C:N/I:P/A:C
Name of the Vulnerable Software and Affected Versions SurgeFTP version 2.3a1
Description The issue allows remote FTP servers to cause a denial of service, resulting in a restart, by sending a malformed response to a PASV command. This can be triggered with user assistance.
Recommendations For SurgeFTP version 2.3a1, consider restricting access to the PASV command until a patch is available to prevent potential denial of service attacks.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Identificadores relacionados

CVE-2007-3768

Produtos afetados

Surgeftp