header-logo
Suggest Exploit
vendor:
SurfinGate
by:
SecurityFocus
2.6
CVSS
LOW
Bypass File Filtering
22
CWE
Product Name: SurfinGate
Affected Version From: 7.0 SP2
Affected Version To: 7.0 SP3
Patch Exists: N/A
Related CWE: N/A
CPE: a:surfingate:surfingate
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2005

SurfinGate File Filtering Bypass

It has been reported that an attacker may bypass SurfinGate file filtering rules by using ASCII encoding in the file name. An example of this is http://www.example.com/ourpics/sware/Mustangworld%2escr

Mitigation:

Ensure that the file filtering rules are properly configured and that all files are properly scanned for malicious content.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/13959/info

SurfinGate may allow an attacker to circumvent file filters.

It has been reported that an attacker may bypass SurfinGate file filtering rules by using ASCII encoding in the file name.

SurfinGate version 7.0 SP2 and 7.0 SP3 are reportedly vulnerable. Other versions may be affected as well. 

http://www.example.com/ourpics/sware/Mustangworld%2escr

Navigation

Suggest Exploit

Services By CQR