CVE-2004-2107 Information
Share on:
Feb 14, 2021
cve
Description
Finjan SurfinGate 6.0 and 7.0 when running in proxy mode does not authenticate FHTTP commands on TCP port 3141 which allows remote attackers to use the finjan-parameter-type header to (1) restart the service (2) use the getlastmsg command to view log information or (3) use the online command to force a policy update from the database server.
Reference
http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0929.html http://marc.info/?l=bugtraq&m=107487999406339&w=2 http://marc.info/?l=bugtraq&m=107522480913629&w=2 http://secunia.com/advisories/10714 http://www.securityfocus.com/bid/9478 https://exchange.xforce.ibmcloud.com/vulnerabilities/14934