CVSS: 6.5EPSS: 0%CPEs: 126EXPL: 0CVE-2010-2425
https://notcve.org/view.php?id=CVE-2010-2425
Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read or delete arbitrary files via "..//" sequences in a COMB command. Vulnerabilidad de salto de directorio en TitanFTPd en South River Technologies Titan FTP Server v8.10.1125, y probablemente versiones anteriores, permite a usuarios autentificados remotamente leer ficheroso borrar ficheros de su elección a través de la secuencia "..//" en el comando COMB. • http://secunia.com/advisories/40237 http://www.osvdb.org/65622 http://www.securityfocus.com/archive/1/511873/100/0/threaded http://www.securityfocus.com/bid/40949 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.3EPSS: 10%CPEs: 2EXPL: 1CVE-2008-0702 – Titan FTP Server 6.03 - 'USER/PASS' Remote Heap Overflow (PoC)
https://notcve.org/view.php?id=CVE-2008-0702
Multiple heap-based buffer overflows in Titan FTP Server 6.03 and 6.0.5.549 allow remote attackers to cause a denial of service (daemon crash or hang) and possibly execute arbitrary code via a long argument to the (1) USER or (2) PASS command, different vectors than CVE-2004-1641. Múltiples desbordamientos basados en montículo en Titan FTP Server 6.03 y 6.0.5.549, que permite a atacantes remotos causar una denegación de servicio (cuelgue o caída de demonio) y la posibilidad de ejecutar código de su elección a través de un argumento largo a los comandos (1) USER o (2) PASS, diferentes vectores que el id. CVE-2004-1641. • https://www.exploit-db.com/exploits/5036 http://secunia.com/advisories/28760 http://securityreason.com/securityalert/3639 http://www.securityfocus.com/archive/1/487431/100/0/threaded http://www.securityfocus.com/bid/27568 http://www.vupen.com/english/advisories/2008/0393 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •