Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-1843

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2014-1843
Last Modified 29 Jul 2015 12:19:02
Published 29 Apr 2014 06:37:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-1843

Summary

Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to obtain the property information of an arbitrary home folder via a Properties action with a .. (dot dot) in the src parameter.

Vulnerable Systems

Application

  • Southrivertech Titan Ftp Server 10.0.1733

  • Southrivertech Titan Ftp Server 10.01.1740

  • Southrivertech Titan Ftp Server 10.30

  • Southrivertech Titan Ftp Server 10.40


References

FULLDISC - 20140210 Titan FTP Server Directory Traversal Vulnerabilities - [CVE-2014-1841 / CVE-2014-1842 / CVE-2014-1843]

BID - 65469

OSVDB - 103197

EXPLOIT-DB - 31579


Last Updated: 27 May 2016 11:08:47