CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2001-1356

NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak hashing, a fixed salt value and modulo 40 calculations, which allows remote attackers to conduct brute force password guessing attacks against the administrator account on port 7021.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.011

EPSS Ranking 76.9%

CVSS Severity

CVSS v2 Score 10.0

References

http://online.securityfocus.com/archive/1/201951
http://www.iss.net/security_center/static/6961.php
http://www.securityfocus.com/bid/3157
http://online.securityfocus.com/archive/1/201951
http://www.iss.net/security_center/static/6961.php
http://www.securityfocus.com/bid/3157

Products affected by CVE-2001-1356

Netwin » Surgeftp » Version: 2.0a

cpe:2.3:a:netwin:surgeftp:2.0a
Netwin » Surgeftp » Version: 2.0b

cpe:2.3:a:netwin:surgeftp:2.0b
Netwin » Surgeftp » Version: 2.0c

cpe:2.3:a:netwin:surgeftp:2.0c
Netwin » Surgeftp » Version: 2.0d

cpe:2.3:a:netwin:surgeftp:2.0d
Netwin » Surgeftp » Version: 2.0e

cpe:2.3:a:netwin:surgeftp:2.0e
Netwin » Surgeftp » Version: 2.0f

cpe:2.3:a:netwin:surgeftp:2.0f

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2001-1356

Products

Pricing

Contact Us