| VID |
16081 |
| Severity |
20 |
| Port |
21 |
| Protocol |
TCP |
| Class |
FTP |
| Detailed Description |
The Titan FTP Server, according to its version number, has a denial of service vulnerability via the 'LIST' command. Titan FTP Server is an FTP server that supports Secure Sockets Layer (SSL) for Microsoft Windows operating systems. Titan FTP Server version 3.01 build 163, and possibly other versions before build 169, allows remote authenticated attackers to cause a denial of service (crash) by disconnecting from the system during a "LIST -L" command, which causes Titan to access an invalid socket.
* Note: This check solely relied on the version number of the remote Titan FTP Server to assess this vulnerability, so this might be a false positive.
* References:
http://packetstormsecurity.nl/0405-exploits/titanDoS.txt
* Platforms Affected:
South River Technologies, Titan FTP Server 3.01 build 163
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version of Titan FTP Server (3.10 build 169 or later), available from the South River Technologies Web site at http://www.southrivertech.com/products/titanftp/index.html |
| Related URL |
CVE-2004-0437 (CVE) |
| Related URL |
10272 (SecurityFocus) |
| Related URL |
16057 (ISS) |
|
