Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

csmproxy.txt

🗓️ 17 Aug 1999 00:00:00Reported by Packet StormType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 20 Views

Vulnerability in CSM Proxy 4.1 allows Denial-of-Service via FTP port 21, crashing the system.

Code
`Date: Thu, 16 Jul 1998 15:22:24 -0400  
From: Security Research Team <[email protected]>  
Subject: S.A.F.E.R. Security Bulletin 980708.DOS.1.1  
  
__________________________________________________________  
  
S.A.F.E.R. Security Bulletin 980708.DOS.1.1  
__________________________________________________________  
  
  
TITLE : Vulnerability with CSM Proxy 4.1  
DATE : July 8, 1998  
NATURE : Denial-of-Service  
PLATFORMS : Windows NT, Windows 95/98  
  
DETAILS:  
  
If users sends 1030 characters or more to the FTP port (21), CSM Proxy will  
crash, and raise CPU usage to 100%. Restart of the proxy (Win95) or reboot  
(NT) is needed in order to recover system functionality.  
  
CSM Proxy accepts connection, even accepts username/password, and then  
checks if user is authorized (depending on source IP address) to access  
proxy server at all. This allows any user on Internet/Intranet to connect  
to port 21, send characters and crash the CSM Proxy server along with  
Windows NT. If CSM Proxy is located behind a firewall, only Intranet users  
are a threat.  
  
FIXES:  
  
CSM (http://www.csm-usa.com and http://www.csm.co.at) have been notified,  
and it is expected that CSM will publish updated version soon.  
  
__________________________________________________________  
  
S.A.F.E.R. - Security Alert For Entreprise Resources  
Copyright (c) 1998 Siam Relay Ltd.  
http://siamrelay.com/safer --- [email protected]  
__________________________________________________________  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
17 Aug 1999 00:00Current
7.4High risk
Vulners AI Score7.4
csm proxy vulnerability denial of service ftp port 21 system crash windows nt windows 95 98
20