Finjan Software » Surfingate : Security Vulnerabilities, CVEs,
Finjan SurfinGate 7.0SP2 and SP3 allows remote attackers to download blocked files via hex-encoded characters in a filename, as demonstrated using "%2e".
Max CVSS
5.0
EPSS Score
0.98%
Published
2005-06-14
Updated
2017-07-11
Finjan SurfinGate 6.0 and 7.0, when running in proxy mode, does not authenticate FHTTP commands on TCP port 3141, which allows remote attackers to use the finjan-parameter-type header to (1) restart the service, (2) use the getlastmsg command to view log information, or (3) use the online command to force a policy update from the database server.
Max CVSS
7.5
EPSS Score
8.52%
Published
2004-12-31
Updated
2017-07-11
Finjan Software SurfinGate 6.0 and 6.0 1 allows remote attackers to bypass URL access restrictions via a URL with an IP address instead of a hostname.
Max CVSS
7.5
EPSS Score
0.33%
Published
2002-12-31
Updated
2008-09-05
Finjan Software SurfinGate 6.0 and 6.0 1 allows remote attackers to bypass URL access restrictions via a URL whose hostname portion uses a fully qualified domain name (FQDN) that ends in a "." (dot).
Max CVSS
7.5
EPSS Score
0.36%
Published
2002-12-31
Updated
2008-09-05
4 vulnerabilities found