Vulnerabilities > CVE-2002-1532 - Unspecified vulnerability in Surfcontrol Superscout Email Filter 3.5/3.5.1/4.0

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

surfcontrol

NVD

Published: 2003-03-31

Updated: 2008-09-05

Summary

The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote attackers to cause a denial of service (resource exhaustion) via a GET request without the terminating /r/n/r/n (CRLF) sequence, which causes the interface to wait for the sequence and blocks other users from accessing it.

Vulnerable Configurations

Part	Description	Count
Application	Surfcontrol Surfcontrol Superscout Email Filter 3.5 Surfcontrol Superscout Email Filter 3.5.1 Surfcontrol Superscout Email Filter 4.0	3

References

http://archives.neohapsis.com/archives/bugtraq/2002-10/0137.html
http://www.iss.net/security_center/static/10322.php
http://www.securityfocus.com/bid/5931