CVE-2010-2426 – Titan FTP XCRC Directory Traversal Information Disclosure
https://notcve.org/view.php?id=CVE-2010-2426
Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read arbitrary files, determine file size, via "..//" sequences in the xcrc command. Vulnerabilidad de salto de directorio en TitanFTPd en South River Technologies Titan FTP Server v8.10.1125, y probablemente versiones anteriores, permite a usuarios autentificados remotamente leer ficheros de su elección, tamaño de fichero determinado, a través de la secuencia "..//" en el comando xcrc. • http://osvdb.org/65533 http://secunia.com/advisories/40237 http://www.securityfocus.com/archive/1/511839/100/0/threaded http://www.securityfocus.com/bid/40949 https://exchange.xforce.ibmcloud.com/vulnerabilities/59492 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2004-1641 – Titan FTP Server - Long Command Heap Overflow
https://notcve.org/view.php?id=CVE-2004-1641
Heap-based buffer overflow in Titan FTP 3.21 and earlier allows remote attackers to cause a denial of service (crash) via a long FTP command such as (1) CWD, (2) STAT, or (3) LIST. • https://www.exploit-db.com/exploits/426 http://marc.info/?l=bugtraq&m=109396159332523&w=2 http://secunia.com/advisories/12419 http://www.securityfocus.com/bid/11069 https://exchange.xforce.ibmcloud.com/vulnerabilities/17172 •
CVE-2004-0437 – Titan FTP Server 3.0 - 'LIST' Denial of Service
https://notcve.org/view.php?id=CVE-2004-0437
Titan FTP Server version 3.01 build 163, and possibly other versions before build 169, allows remote authenticated users to cause a denial of service (crash) by disconnecting from the system during a "LIST -L" command, which causes Titan to access an invalid socket. Titan FTP Server versión 3.01 compilación 163, y posiblemente otras versiones anteriores a compilación 169, permite a usuarios remotos autenticados causar una denegación de servicio (caída) desconectando del sistema durante una órden "LIST - L", lo que causa que Titan acceda a un socket no válido. • https://www.exploit-db.com/exploits/24080 http://archives.neohapsis.com/archives/vulnwatch/2004-q2/0025.html http://marc.info/?l=bugtraq&m=108378048513596&w=2 http://www.securiteam.com/windowsntfocus/5RP0215CUU.html https://exchange.xforce.ibmcloud.com/vulnerabilities/16057 •