SurgeFTP LEAK Command Denial of Service Vulnerability
BID:13054
Info
SurgeFTP LEAK Command Denial of Service Vulnerability
| Bugtraq ID: | 13054 |
| Class: | Design Error |
| CVE: |
CVE-2005-1034 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 07 2005 12:00AM |
| Updated: | Jul 12 2009 12:56PM |
| Credit: | Discovery is credited to <[email protected]>. |
| Vulnerable: |
NetWin SurgeFTP 2.2 m1 NetWin SurgeFTP 2.2 k3 |
| Not Vulnerable: | |
Discussion
SurgeFTP LEAK Command Denial of Service Vulnerability
SurgeFTP is prone to a denial of service condition. This issue exists when the LEAK command is issued to the FTP server. Successful exploitation will cause the FTP server to either refuse new connections or not be able to send or receive files.
SurgeFTP is prone to a denial of service condition. This issue exists when the LEAK command is issued to the FTP server. Successful exploitation will cause the FTP server to either refuse new connections or not be able to send or receive files.
Exploit / POC
SurgeFTP LEAK Command Denial of Service Vulnerability
There is no exploit code required.
There is no exploit code required.
Solution / Fix
SurgeFTP LEAK Command Denial of Service Vulnerability
Solution:
This issue was reportedly fixed by the vendor in SurgeFTP 2.2m2, however, this has not been confirmed by Symantec.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
This issue was reportedly fixed by the vendor in SurgeFTP 2.2m2, however, this has not been confirmed by Symantec.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
SurgeFTP LEAK Command Denial of Service Vulnerability
References:
References: