Description
Finjan SurfinGate 6.0 and 7.0, when running in proxy mode, does not authenticate FHTTP commands on TCP port 3141, which allows remote attackers to use the finjan-parameter-type header to (1) restart the service, (2) use the getlastmsg command to view log information, or (3) use the online command to force a policy update from the database server.
Product(s):
- Finjan Software Surfingate 6.0
- Finjan Software Surfingate 6.0 1
- Finjan Software Surfingate 6.0_5
- Finjan Software Surfingate 7.0
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-2004-2107, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2004-2107 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.