Denial of Service Vulnerability in SurgeFTP by SurgeFTP, Inc.
CVE-2007-3768

Currently unrated

Key Information:

Vendor

Netwin

Status
Surgeftp
Vendor
CVE Published:
15 July 2007

What is CVE-2007-3768?

The mirror mechanism in SurgeFTP 2.3a1 has a flaw that can be exploited by malicious remote FTP servers. A specifically crafted response to a PASV command can lead to a denial of service condition, resulting in the server restarting. This vulnerability underscores the importance of validating responses in FTP protocols to prevent service disruptions.

References

http://secunia.com/advisories/26061
third-party-advisoryx_refsource_SECUNIA
http://osvdb.org/37909
vdb-entryx_refsource_OSVDB
http://securityreason.com/securityalert/2883
third-party-advisoryx_refsource_SREASON

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.