CVE-2013-4742
high
CVSS v3
—
VIR risk
7.5
Description
Buffer overflow in NetWin SurgeFTP before 23d2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string within the authentication request.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| netwin | surgeftp | {"endIncluding":"2.3b1"} | |
| netwin | surgeftp | 2.0c | |
| netwin | surgeftp | 2.0d | |
| netwin | surgeftp | 2.0e | |
| netwin | surgeftp | 2.0f | |
| netwin | surgeftp | 2.2k1 | |
| netwin | surgeftp | 2.2k3 | |
| netwin | surgeftp | 2.2m1 | |
| netwin | surgeftp | 2.3a1 | |
| netwin | surgeftp | 2.3a2 | |
| netwin | surgeftp | 2.3a6 | |
| netwin | surgeftp | 2.3a7 | |
| netwin | surgeftp | 2.3a8 | |
| netwin | surgeftp | 2.3a9 | |
| netwin | surgeftp | 2.3a10 | |
| netwin | surgeftp | 2.3a12 | |
References
- http://archives.neohapsis.com/archives/bugtraq/2013-07/0149.html
- http://osvdb.org/95582
- http://secunia.com/advisories/54188
- http://www.securityfocus.com/bid/61403
- https://exchange.xforce.ibmcloud.com/vulnerabilities/85922
- http://archives.neohapsis.com/archives/bugtraq/2013-07/0149.html
- http://osvdb.org/95582
- http://secunia.com/advisories/54188
- http://www.securityfocus.com/bid/61403
- https://exchange.xforce.ibmcloud.com/vulnerabilities/85922
CWEs
CWE-119
💬 Discuss CVE-2013-4742 on VIR Community →
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.