Denial of Service Vulnerability in NetWin SurgeFTP by NetWin
CVE-2001-0697

Currently unrated

Key Information:

Vendor: Netwin
Status: Surgeftp
Vendor: CVE Published:; 20 September 2001

What is CVE-2001-0697?

The vulnerability in NetWin SurgeFTP occurs when the server does not properly handle the 'ls ..' command, allowing a remote attacker to execute this command and subsequently cause the server to crash. This could lead to service interruptions, affecting users' ability to access the FTP server. The issue exists in all versions prior to 1.1h, emphasizing the need for users to upgrade to a secure version to mitigate potential attacks.

References

http://www.securityfocus.com/archive/1/165816

mailing-listx_refsource_BUGTRAQ

https://exchange.xforce.ibmcloud.com/vulnerabilities/6168

vdb-entryx_refsource_XF

http://www.secadministrator.com/Articles/Index.cfm?Articl...

mailing-listx_refsource_WIN2KSEC

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 20, 2001
Vulnerability Reserved
Aug 29, 2001

Netwin

What is CVE-2001-0697?

References

EPSS Score

Timeline