Lucene search

K

MitreCVELIST:CVE-2008-1052

HistoryFeb 27, 2008 - 7:00 p.m.

CVE-2008-1052

2008-02-2719:00:00

mitre

www.cve.org

2

AI Score

6.6

Confidence

High

EPSS

0.083

Percentile

94.5%

The administration web interface in NetWin SurgeFTP 2.3a2 and earlier allows remote attackers to cause a denial of service (daemon crash) via a large integer in the Content-Length HTTP header, which triggers a NULL pointer dereference when memory allocation fails.

References

aluigi.altervista.org/adv/surgeftpizza-adv.txt

secunia.com/advisories/29096

securityreason.com/securityalert/3704

www.securityfocus.com/archive/1/488745/100/0/threaded

www.securityfocus.com/bid/27993

exchange.xforce.ibmcloud.com/vulnerabilities/40843

AI Score

6.6

Confidence

High

EPSS

0.083

Percentile

94.5%

Related for CVELIST:CVE-2008-1052

cve1 prion1 exploitdb1 nvd1