Signature Detail
Short Name |
FTP:COMMAND:TITAN-SERV-DIR-TRAV |
|---|---|
Severity |
Medium |
Recommended |
No |
Recommended Action |
Drop |
Category |
FTP |
Keywords |
Titan FTP Server Arbitrary File Disclosure |
Release Date |
2012/11/05 |
Update Number |
2200 |
Supported Platforms |
idp-4.0+, isg-3.4+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
FTP: Titan FTP Server Arbitrary File Disclosure
This signature detects attempts to exploit a known vulnerability against Titan FTP Server. A successful attack can lead to arbitrary file disclosure.
Extended Description
Titan FTP Server is prone to an arbitrary-file-disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view local files in the context of the webserver process, which may aid in further attacks. Titan FTP Server 8.10.1125 is vulnerable; other versions may also be affected.
Affected Products
- South River Technologies Titan FTP Server 2.10.0
- South River Technologies Titan FTP Server 2.2.0
- South River Technologies Titan FTP Server 3.0.0 1
- South River Technologies Titan FTP Server 3.10.0
- South River Technologies Titan FTP Server 3.21.0
- South River Technologies Titan FTP Server 3.30.0
- South River Technologies Titan FTP Server 6.05 Build 550
- South River Technologies Titan FTP Server 6.26 Build 630
- South River Technologies Titan FTP Server 8.10.1125
References
- BugTraq: 40949
- BugTraq: 40904
- CVE: CVE-2010-2426
- CVE: CVE-2010-2425