CVE-2004-2107
CVE-2004-2107
Finjan SurfinGate 6.0 and 7.0, when running in proxy mode, does not authenticate FHTTP commands on TCP port 3141, which allows remote attackers to use the finjan-parameter-type header to (1) restart the service, (2) use the getlastmsg command to view log information, or (3) use the online command to force a policy update from the database server.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/23585unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0929.htmlhttp://marc.info/?l=bugtraq&m=107487999406339&w=2http://marc.info/?l=bugtraq&m=107522480913629&w=2http://secunia.com/advisories/10714https://exchange.xforce.ibmcloud.com/vulnerabilities/14934http://www.securityfocus.com/bid/9478