Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-1842

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2014-1842
Last Modified 29 Jul 2015 12:18:31
Published 29 Apr 2014 06:37:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-1842

Summary

Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to list all usernames via a Go action with a .. (dot dot) in the search-bar value.

Vulnerable Systems

Application

  • Southrivertech Titan Ftp Server 10.0.1733

  • Southrivertech Titan Ftp Server 10.01.1740

  • Southrivertech Titan Ftp Server 10.30

  • Southrivertech Titan Ftp Server 10.40


References

FULLDISC - 20140210 Titan FTP Server Directory Traversal Vulnerabilities - [CVE-2014-1841 / CVE-2014-1842 / CVE-2014-1843]

OSVDB - 103196

EXPLOIT-DB - 31579


Last Updated: 27 May 2016 11:05:06