CVE-2013-4742

Severity: Unknown | EPSS: 4.25%

CVE-2013-4742 is a vulnerability of currently unknown severity. Buffer overflow in NetWin SurgeFTP before 23d2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string within the authentication request. EPSS estimates a 4.25% chance of exploitation in the next 30 days.

Description

Buffer overflow in NetWin SurgeFTP before 23d2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string within the authentication request.

Metrics

EPSS Probability
4.25%

89.8th percentile

Probability of exploitation in the next 30 days.

Weakness Enumeration

Affected Software

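| Vendor | Product | Versions |
|--------|----------|----------|
| Netwin | Surgeftp | <= 2.3b1 |
| Netwin | Surgeftp | 2.0c |
| Netwin | Surgeftp | 2.0d |
| Netwin | Surgeftp | 2.0e |
| Netwin | Surgeftp | 2.0f |
| Netwin | Surgeftp | 2.2k1 |
| Netwin | Surgeftp | 2.2k3 |
| Netwin | Surgeftp | 2.2m1 |
| Netwin | Surgeftp | 2.3a1 |
| Netwin | Surgeftp | 2.3a2 |
| Netwin | Surgeftp | 2.3a6 |
| Netwin | Surgeftp | 2.3a7 |
| Netwin | Surgeftp | 2.3a8 |
| Netwin | Surgeftp | 2.3a9 |
| Netwin | Surgeftp | 2.3a10 |
| Netwin | Surgeftp | 2.3a12 |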

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2013-4742?
Buffer overflow in NetWin SurgeFTP before 23d2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string within the authentication request.
How severe is CVE-2013-4742?
Severity scoring for CVE-2013-4742 is pending analysis. The EPSS model estimates a 4.25% probability of exploitation in the next 30 days.
How do I fix CVE-2013-4742?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Source: NVD / NIST