Bugtraq mailing list archives
TitanFTP Server COMB directory traversal
From: bill () accensussecurity com
Date: Thu, 17 Jun 2010 13:56:21 -0600
Accensus Security Advisory L-01 TitanFtp Server Arbitrary File Download/Delete Details ============= Product: TitanFTPd Security-Risk: high Remote-Exploit: maybe, assuming anonymous ftp access Local-Exploit: yes Vendor URL: http://www.southrivertech.com/ Found By: Bill Finlayson http://www.accensussecurity.com Affected: Versions 8.10.1125 and likely previous Issue: the comb command is susceptible to a directory traversal attack which will allow downloading of arbitrary files on the server and deletion of arbitrary files on the server Details: quote comb a ..//..//..//..//b puts contents of 'b' in the file in the users home directory called 'a' and then deletes file b Status: Submitted to Vendor 6/14/10 fixed 6/15/10
Current thread:
- TitanFTP Server COMB directory traversal bill (Jun 17)