ID SECURITYVULNS:VULN:1391
Type securityvulns
Reporter BUGTRAQ
Modified 2001-08-13T00:00:00
Description
пароль имеет слабое шифрование, кроме того не ограничено число попыток его ввода.
{"id": "SECURITYVULNS:VULN:1391", "bulletinFamily": "software", "title": "\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0441 \u043f\u0430\u0440\u043e\u043b\u0435\u043c \u0432 SurgeFTP (bruteforceing, weak password).", "description": "\u043f\u0430\u0440\u043e\u043b\u044c \u0438\u043c\u0435\u0435\u0442 \u0441\u043b\u0430\u0431\u043e\u0435 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u0435, \u043a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e \u043d\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043e \u0447\u0438\u0441\u043b\u043e \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u0435\u0433\u043e \u0432\u0432\u043e\u0434\u0430.", "published": "2001-08-13T00:00:00", "modified": "2001-08-13T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:1391", "reporter": "BUGTRAQ", "references": ["https://vulners.com/securityvulns/securityvulns:doc:1926"], "cvelist": [], "type": "securityvulns", "lastseen": "2018-08-31T11:09:16", "edition": 1, "viewCount": 4, "enchantments": {"score": {"value": 5.2, "vector": "NONE", "modified": "2018-08-31T11:09:16", "rev": 2}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:1361412562311220201391", "OPENVAS:1361412562310815720", "OPENVAS:1361412562310815837", "OPENVAS:1361412562311220181391", "OPENVAS:1361412562310815834", "OPENVAS:1361412562311220191391", "OPENVAS:1361412562310815722", "OPENVAS:1361412562310815836", "OPENVAS:1361412562310815839", "OPENVAS:1361412562310815835"]}, {"type": "nessus", "idList": ["AL2_ALAS-2020-1391.NASL", "EULEROS_SA-2020-1391.NASL", "SMB_NT_MS19_NOV_4525232.NASL", "SMB_NT_MS19_NOV_4525243.NASL"]}, {"type": "atlassian", "idList": ["ATLASSIAN:JRASERVER-70526", "ATLASSIAN:CONFSERVER-59612"]}, {"type": "cve", "idList": ["CVE-2019-20105", "CVE-2019-1391"]}, {"type": "talosblog", "idList": ["TALOSBLOG:D617C7EFD22C4CD2ECFE1B030BD80B0E"]}, {"type": "mscve", "idList": ["MS:CVE-2019-1391"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:1926"]}], "modified": "2018-08-31T11:09:16", "rev": 2}, "vulnersScore": 5.2}, "affectedSoftware": [{"name": "SurgeFTP", "operator": "eq", "version": "2.0"}]}
{"rst": [{"lastseen": "2021-01-20T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **179[.]29.255.123** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **22**.\n First seen: 2020-12-26T03:00:00, Last seen: 2021-01-20T03:00:00.\n IOC tags: **generic**.\nASN 6057: (First IP 179.24.0.0, Last IP 179.31.53.255).\nASN Name \"\" and Organisation \"Administracion Nacional de Telecomunicaciones\".\nASN hosts 24836 domains.\nGEO IP information: City \"\", Country \"Uruguay\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-26T00:00:00", "id": "RST:7C417EF1-1391-3AD8-A213-AEFD881D68A9", "href": "", "published": "2021-01-21T00:00:00", "title": "RST Threat feed. IOC: 179.29.255.123", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-20T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **114[.]228.76.195** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **10**.\n First seen: 2020-12-22T03:00:00, Last seen: 2021-01-20T03:00:00.\n IOC tags: **generic**.\nASN 4134: (First IP 114.222.116.0, Last IP 114.229.11.8).\nASN Name \"CHINANETBACKBONE\" and Organisation \"No31Jinrong Street\".\nASN hosts 1178566 domains.\nGEO IP information: City \"Shanghai\", Country \"China\".\nIOC could be a **False Positive** (Cloud provider IP).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-22T00:00:00", "id": "RST:C312B48D-1391-3DD9-88B3-C386F074B3DC", "href": "", "published": "2021-01-21T00:00:00", "title": "RST Threat feed. IOC: 114.228.76.195", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-20T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **78[.]63.158.220** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **4**.\n First seen: 2020-03-16T03:00:00, Last seen: 2021-01-20T03:00:00.\n IOC tags: **tor_node**.\nASN 8764: (First IP 78.63.124.0, Last IP 78.63.255.255).\nASN Name \"TELIALIETUVA\" and Organisation \"\".\nASN hosts 4522 domains.\nGEO IP information: City \"iauliai\", Country \"Republic of Lithuania\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-03-16T00:00:00", "id": "RST:0FE08320-1391-3642-B8C3-0063DBAF2F1F", "href": "", "published": "2021-01-21T00:00:00", "title": "RST Threat feed. IOC: 78.63.158.220", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-20T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **reevivenetwork[.]com** in [RST Threat Feed](https://rstcloud.net/profeed) with score **10**.\n First seen: 2020-12-22T03:00:00, Last seen: 2021-01-20T03:00:00.\n IOC tags: **generic**.\nIOC could be a **False Positive** (Domain not resolved. Whois records not found).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-22T00:00:00", "id": "RST:D5E3F9D5-1391-34F8-A251-281814C29B88", "href": "", "published": "2021-01-21T00:00:00", "title": "RST Threat feed. IOC: reevivenetwork.com", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-06T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **2zse2v3hzag375l56kx2din4am--m-facebook-com[.]translate.goog** in [RST Threat Feed](https://rstcloud.net/profeed) with score **33**.\n First seen: 2020-12-04T03:00:00, Last seen: 2021-01-06T03:00:00.\n IOC tags: **phishing**.\nDomain has DNS A records: 172[.]217.195.132,216.239.32.10,216.239.34.10,216.239.36.10,216.239.38.10\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-04T00:00:00", "id": "RST:E27B2BB3-1391-3884-9B01-9430295D1EED", "href": "", "published": "2021-01-20T00:00:00", "title": "RST Threat feed. IOC: 2zse2v3hzag375l56kx2din4am--m-facebook-com.translate.goog", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-19T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **http://222[.]138.90.111:58820/mozi.m** in [RST Threat Feed](https://rstcloud.net/profeed) with score **66**.\n First seen: 2021-01-18T03:00:00, Last seen: 2021-01-19T03:00:00.\n IOC tags: **malware**.\nIt was found that the IOC is used by: **mozi**.\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-01-18T00:00:00", "id": "RST:5B268430-1391-3635-9BB0-D67584A9FD44", "href": "", "published": "2021-01-20T00:00:00", "title": "RST Threat feed. IOC: http://222.138.90.111:58820/mozi.m", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-18T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **ehrlich97beginnen[.]de** in [RST Threat Feed](https://rstcloud.net/profeed) with score **2**.\n First seen: 2019-12-15T03:00:00, Last seen: 2021-01-18T03:00:00.\n IOC tags: **spam**.\nDomain has DNS A records: 23[.]202.231.167,23.217.138.108\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2019-12-15T00:00:00", "id": "RST:CE96AB23-1391-3302-88F6-898FE298BEC9", "href": "", "published": "2021-01-19T00:00:00", "title": "RST Threat feed. IOC: ehrlich97beginnen.de", "type": "rst", "cvss": {}}, {"lastseen": "2020-12-24T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **37[.]193.60.160** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **9**.\n First seen: 2020-09-08T03:00:00, Last seen: 2020-12-24T03:00:00.\n IOC tags: **generic**.\nASN 31200: (First IP 37.192.0.0, Last IP 37.195.255.255).\nASN Name \"NTK\" and Organisation \"IPv6 customers\".\nASN hosts 1391 domains.\nGEO IP information: City \"Novosibirsk\", Country \"Russia\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-09-08T00:00:00", "id": "RST:855CB9EC-CB25-3E75-BDBA-25970200BAE9", "href": "", "published": "2020-12-25T00:00:00", "title": "RST Threat feed. IOC: 37.193.60.160", "type": "rst", "cvss": {}}, {"lastseen": "2020-12-24T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **177[.]11.116.200** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **31**.\n First seen: 2020-12-21T03:00:00, Last seen: 2020-12-24T03:00:00.\n IOC tags: **generic**.\nASN 52948: (First IP 177.11.112.0, Last IP 177.11.119.255).\nASN Name \"\" and Organisation \"Interneith Via Radio Ltda\".\nASN hosts 3 domains.\nGEO IP information: City \"Alegrete\", Country \"Brazil\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-21T00:00:00", "id": "RST:2A876548-1391-3A37-A5A2-541916AFB32B", "href": "", "published": "2020-12-25T00:00:00", "title": "RST Threat feed. IOC: 177.11.116.200", "type": "rst", "cvss": {}}, {"lastseen": "2020-12-21T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **37[.]193.61.38** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **4**.\n First seen: 2020-04-07T03:00:00, Last seen: 2020-12-21T03:00:00.\n IOC tags: **generic**.\nASN 31200: (First IP 37.192.0.0, Last IP 37.195.255.255).\nASN Name \"NTK\" and Organisation \"IPv6 customers\".\nASN hosts 1391 domains.\nGEO IP information: City \"Novosibirsk\", Country \"Russia\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-04-07T00:00:00", "id": "RST:FA0FBF32-FF64-3A09-8DEA-8F40BC5CEC02", "href": "", "published": "2020-12-22T00:00:00", "title": "RST Threat feed. IOC: 37.193.61.38", "type": "rst", "cvss": {}}]}