Published: 31/12/2004 Updated: 11/07/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Finjan SurfinGate 6.0 and 7.0, when running in proxy mode, does not authenticate FHTTP commands on TCP port 3141, which allows remote malicious users to use the finjan-parameter-type header to (1) restart the service, (2) use the getlastmsg command to view log information, or (3) use the online command to force a policy update from the database server.

Vulnerable Product	Search on Vulmon	Subscribe to Product
finjan software surfingate 6.0
finjan software surfingate 6.0_1
finjan software surfingate 6.0_5
finjan software surfingate 7.0

source: wwwsecurityfocuscom/bid/9478/info Finjan SurfinGate is prone to a vulnerability that may permit remote attackers to execute certain management commands (using the FHTTP protocol) through the management control port (3141/TCP) It has been reported that commands could be issued to restart the server, most likely resulting in a deni ...

NVD-CWE-Other http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0929.html http://secunia.com/advisories/10714 http://www.securityfocus.com/bid/9478 http://marc.info/?l=bugtraq&m=107487999406339&w=2 http://marc.info/?l=bugtraq&m=107522480913629&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/14934 https://nvd.nist.gov https://www.exploit-db.com/exploits/23585/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2004-2107

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect