Vulnerabilities > CVE-2007-3768 - Denial-Of-Service vulnerability in SurgeFTP
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
COMPLETE Summary
The mirror mechanism in SurgeFTP 2.3a1 allows user-assisted, remote FTP servers to cause a denial of service (restart) via a malformed response to a PASV command.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 9 |
References
- http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070710/98374694/attachment-0030.txt
- http://marc.info/?l=full-disclosure&m=118409539009277&w=2
- http://osvdb.org/37909
- http://secunia.com/advisories/26061
- http://securityreason.com/securityalert/2883
- http://www.vupen.com/english/advisories/2007/2528
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35376