CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2013-4742

HIGH
7.5
CVSS Severity Score
EPSS Score0.0890%
EPSS Percentile2.10th
Published2013年8月9日
Last Modified2026年4月29日

Vulnerability Description

Buffer overflow in NetWin SurgeFTP before 23d2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string within the authentication request.

Affected Platforms (CPE)

📦
Netwin

Surgeftp

<= 2.3b1
📦
Netwin

Surgeftp

= 2.0c
📦
Netwin

Surgeftp

= 2.0d
📦
Netwin

Surgeftp

= 2.0e
📦
Netwin

Surgeftp

= 2.0f
📦
Netwin

Surgeftp

= 2.2k1
📦
Netwin

Surgeftp

= 2.2k3
📦
Netwin

Surgeftp

= 2.2m1
📦
Netwin

Surgeftp

= 2.3a1
📦
Netwin

Surgeftp

= 2.3a2
📦
Netwin

Surgeftp

= 2.3a6
📦
Netwin

Surgeftp

= 2.3a7
📦
Netwin

Surgeftp

= 2.3a8
📦
Netwin

Surgeftp

= 2.3a9
📦
Netwin

Surgeftp

= 2.3a10
📦
Netwin

Surgeftp

= 2.3a12

References & Advisories

🔗 http://archives.neohapsis.com/archives/bugtraq/2013-07/0149.html
🔗 http://osvdb.org/95582
🔗 http://secunia.com/advisories/54188
🔗 http://www.securityfocus.com/bid/61403
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/85922
🔗 http://archives.neohapsis.com/archives/bugtraq/2013-07/0149.html
🔗 http://osvdb.org/95582
🔗 http://secunia.com/advisories/54188

相關漏洞威脅

CVE-2001-135510.0

Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and earlier, as implemented in DMail, SurgeFTP, and possibly other ...

CVE-2001-135610.0

NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak hashing, a fixed salt value and modulo 40 calculations, which allow...

CVE-2007-37688.5

The mirror mechanism in SurgeFTP 2.3a1 allows user-assisted, remote FTP servers to cause a denial of service (restart) via a malfo...

CVE-2008-10526.4

The administration web interface in NetWin SurgeFTP 2.3a2 and earlier allows remote attackers to cause a denial of service (daemon...