[ home ]  [ private ]  [ 0Day ]  [ discount ]  [ Get Gold ]  [ platforms ]  [ pentest ]  [ search ]  [ faq ]  [ contact ]  [ style ]  [ Prices in Gold ]   db: 39 451    
0day Today Exploit DB Official Facebook
0day Today Exploit DB Official Twitter
0day Today Exploit DB Official RSS Channel
Tor
We DO NOT use Telegram or any messengers / social networks!
We DO NOT use Telegram or any messengers / social networks!

We DO NOT use Telegram or any messengers / social networks!

Please, beware of scammers!

 
0day.today - Biggest Exploit Database in the World.
Select your language:  
English
English
Русский
Русский
Deutsch
Deutsch
Türkçe
Türkçe
Français
Français
Italiano
Italiano
Español
Español
Romania
Romania
Polskie
Polskie
العربية
العربية
Japan
Japan
China
China
Things you should know about 0day.today:
  • We use one main domain: http://0day.today
  • Most of the materials is completely FREE
  • If you want to purchase the exploit / get V.I.P. access or pay for any other service,
    you need to buy or earn GOLD
We accept currencies: [contact admin to find more]
           
We don't want you to use our site as a tool for hacking purposes, so any kind of action that could affect illegaly other users or websites that you don't have right to access will be banned and your account including your data will be destroyed.

Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks! We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!
I am registered user of 0day.today. I don't want to see this screen in future.
What to do first?
  1. Read the [ agreement ]
  2. Read the [ Submit ] rules
  3. Visit the [ faq ] page
  4. [ Register ] profile
  5. Get [ GOLD ]
  6. If you want to [ sell ]
  7. If you want to [ buy ]
  8. If you lost [ Account ]
  9. Any questions [ admin@0day.today ]


Main links


You can contact us by

Mail:
mr.inj3ct0r@gmail.com
Facebook:
Inj3ct0rs
Twitter:
Inj3ct0r
Telegram:
We DO NOT use Telegram or any messengers / social networks!
[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
Mail:
mr.inj3ct0r@gmail.com
Facebook:
Inj3ct0rs
Twitter:
Inj3ct0r
Telegram:
We DO NOT use Telegram or any messengers / social networks!
0day Today Exploits Market and 0day Exploits Database

Titan FTP Server 10.32 Build 1816 - Directory Traversal Vulnerability

Author
Fara Rustein
Risk
[
Security Risk Medium
]
0day-ID
0day-ID-21879
Category
web applications
Date add
11-02-2014
CVE
CVE-2014-1841
Platform
windows
"Titan FTP Server Directory Traversal Vulnerabilities"
  
******************************************************************************
  
- Affected Vendor: South River Technologies
- Affected System: Titan FTP Server software (Version 10.32 Build 1816)
- Vendor Disclosure Date: January 27th, 2014
- Public Disclosure Date: February 10h, 2014
- Vulnerabilities' Status: Fixed
  
******************************************************************************
  
Associated CVEs:
  
1) CVE-2014-1841:
   It is possible to copy the complete home folder of another user by leveraging a vulnerability on the Titan FTP Server Web Interface.
  
2) CVE-2014-1842:
   It is possible to obtain the complete list of existing users by writing "/../" on the search bar.
  
3) CVE-2014-1843:
   It is possible to observe the "Properties" for an existing user home folder.
   This also allows for enumeration of existing users on the system.
  
Associated CWE:
  
  CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
  http://cwe.mitre.org/data/definitions/22.html
  
******************************************************************************
  
DESCRIPTIONS
============
  
1) CVE-2014-1841:
  
   It is possible to copy the complete home folder of another user by leveraging a vulnerability on the Titan FTP Server Web Interface.
    
   This is done by using the "Move" function, and replacing the "src" parameter value with the "/../<folder name of another user>" value.  
  
2) CVE-2014-1842:
  
   It is possible to obtain the complete list of existing users by writing "/../" on the search bar and hitting the "Go" button.
  
3) CVE-2014-1843:
  
   It is possible to observe the "Properties" for an existing user home folder.
    
   This also allows for enumeration of existing users on the system.
    
   This is done by using the "Properties" function, and replacing the "src" parameter value with the "/../<folder name of another user>" value.  
  
******************************************************************************
  
- Available fix:
  Titan FTP Server software (Version 10.40 Build 1829):
   + titanftp32_10_40_1829_en.exe
   + titanftp64_10_40_1829_en.exe
  
- Related Links: Deloitte Argentina - www.deloitte.com/ar
  
- Feedback:
  If you have any questions, comments, concerns, updates or suggestions please contact:
   + Fara Rustein
     frustein@deloitte.com (Twitter: @fararustein)
   + Luciano Martins
     lmartins@deloitte.com (Twitter: @clucianomartins)
  
******************************************************************************
  
Credits:
  
CVE-2014-1841:
  1. It is possible to copy the complete home folder of another user by leveraging a vulnerability on the Titan FTP Server Web Interface.
  Discovered by Fara Rustein - frustein@deloitte.com
  
CVE-2014-1842:
  2. It is possible to obtain the complete list of existing users by writing "/../" on the search bar.
  Discovered by Luciano Martins - lmartins@deloitte.com
  
CVE-2014-1843:
  3. It is also possible to observe the "Properties" for an existing user home folder.
  This also allows for enumeration of existing users on the system.
  Discovered by Fara Rustein - frustein@deloitte.com

#  0day.today [2024-07-02]  #
0day Today Exploit Database buy and sell exploits type (local, remote, DoS, PoC, etc.)
Send all submissions to mr.inj3ct0r[at]gmail.com
Copyright © 2008-2024 0day Today Team