CVE-2004-2318

The administrative interface (surgeftpmgr.cgi) for SurgeFTP Server 1.0b through 2.2k1 allows remote attackers to cause a temporary denial of service (crash) via requests with two percent (%) signs in the CMD parameter.

Date published : 2005-08-16

http://www.securityfocus.com/bid/9554

http://members.lycos.co.uk/r34ct/main/surge_FTP/surge-ftp.txt