CVE-2004-2107

Name of the Vulnerable Software and Affected Versions Finjan SurfinGate versions 6.0 through 7.0

Description The issue allows remote attackers to exploit the lack of authentication for FHTTP commands on TCP port 3141 when running in proxy mode. This can be used to (1) restart the service, (2) view log information using the getlastmsg command, or (3) force a policy update from the database server using the online command, by utilizing the finjan-parameter-type header.

Recommendations For Finjan SurfinGate versions 6.0 through 7.0, consider restricting access to TCP port 3141 to prevent remote exploitation, and ensure proper authentication mechanisms are in place for FHTTP commands. As a temporary workaround, consider disabling the use of the finjan-parameter-type header in the proxy mode until a patch is available.