CVSS: 4.0EPSS: 6%CPEs: 126EXPL: 1CVE-2010-2426 – Titan FTP XCRC Directory Traversal Information Disclosure
https://notcve.org/view.php?id=CVE-2010-2426
Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read arbitrary files, determine file size, via "..//" sequences in the xcrc command. Vulnerabilidad de salto de directorio en TitanFTPd en South River Technologies Titan FTP Server v8.10.1125, y probablemente versiones anteriores, permite a usuarios autentificados remotamente leer ficheros de su elección, tamaño de fichero determinado, a través de la secuencia "..//" en el comando xcrc. • http://osvdb.org/65533 http://secunia.com/advisories/40237 http://www.securityfocus.com/archive/1/511839/100/0/threaded http://www.securityfocus.com/bid/40949 https://exchange.xforce.ibmcloud.com/vulnerabilities/59492 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.0EPSS: 86%CPEs: 1EXPL: 2CVE-2008-6082 – Titan FTP Server 6.26 build 630 - Remote Denial of Service
https://notcve.org/view.php?id=CVE-2008-6082
Titan FTP Server 6.26 build 630 allows remote attackers to cause a denial of service (CPU consumption) via the SITE WHO command. Titan FTP Server v6.26 build 630 permite a atacantes remotos provocar una denegación de servicio (consumo de CPU) a través del comando "SITE WHO". The Titan FTP server v6.26 build 630 can be DoSd by issuing "SITE WHO". You need a valid login so you can send this command. • https://www.exploit-db.com/exploits/6753 http://secunia.com/advisories/32269 http://www.osvdb.org/49177 http://www.securityfocus.com/bid/31757 https://exchange.xforce.ibmcloud.com/vulnerabilities/45871 • CWE-399: Resource Management Errors •