CVE-2004-2318 Information

Description

The administrative interface (surgeftpmgr.cgi) for SurgeFTP Server 1.0b through 2.2k1 allows remote attackers to cause a temporary denial of service (crash) via requests with two percent () signs in the CMD parameter.

Reference

http://members.lycos.co.uk/r34ct/main/surge_FTP/surge-ftp.txt http://securitytracker.com/id?1008898 http://www.osvdb.org/3788 http://www.secunia.com/advisories/10758/ http://www.securityfocus.com/bid/9554 https://exchange.xforce.ibmcloud.com/vulnerabilities/15001