SurgeLDAP.HTTP.GET.DoS

Description

This indicates an attack attempt against a denial-of-service vulnerability in SurgeLDAP.
The vulnerability is due to an error when the vulnerable software handles an overly long HTML request. An attacker may exploit this to cause the server to crash, leading to a denial of service.
SurgeLDAP stores passwords in a plaintext file. Any user with local access to the machine can therefore view the passwords for all users.

Affected Products

NetWin SurgeLDAP 1.0 d

Impact

Denial of service
System compromise: remote code execution.

Recommended Actions

Apply the appropriate patch from the vendor or upgrade to a non-vulnerable version.

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2020-12-02 16.972