VULHUB ™

A problem with SurfinGate could make it possible for an attacker to circumvent file filters that are set in place. SurfinGate uses the file extension to determine if a file is of a type that is blacklisted by the software. It has been reported that an attacker may bypass SurfinGate file filtering rules by appending an extra file extension of a type that is not blacklisted to the end of the file name. It should be noted that an end user would still have interactively to open or execute the malicious file.

A problem with SurfinGate could make it possible for an attacker to circumvent file filters that are set in place. SurfinGate uses the file extension to determine if a file is of a type that is blacklisted by the software. It has been reported that an attacker may bypass SurfinGate file filtering rules by appending an extra file extension of a type that is not blacklisted to the end of the file name. It should be noted that an end user would still have interactively to open or execute the malicious file.