TitanFtp Server version 8.10.1125 suffers from a traversal vulnerability which will allow an attacker to download and delete arbitrary files from the server.
542717b6d2e3c0e4b688d642623cc0b6686e08ca7ef7eadf4b6a38ba28b04e3e
Accensus Security Advisory L-01 TitanFtp Server Arbitrary File Download/Delete
Details
=============
Product: TitanFTPd
Security-Risk: high
Remote-Exploit: maybe, assuming anonymous ftp access
Local-Exploit: yes
Vendor URL: http://www.southrivertech.com/
Found By: Bill Finlayson
http://www.accensussecurity.com
Affected: Versions 8.10.1125 and likely previous
Issue: the comb command is susceptible to a directory traversal attack which will allow downloading of arbitrary files on the server and deletion of arbitrary files on the server
Details: quote comb a ..//..//..//..//b
puts contents of 'b' in the file in the users home directory called 'a' and then deletes file b
Status: Submitted to Vendor 6/14/10 fixed 6/15/10