Detections
Analytics

Titan FTP Server SITE WHO Command Resource Consumption DoS

medium Nessus Plugin ID 34434

Language:

Synopsis

The remote FTP server is prone to a denial of service attack.

Description

The version of Titan FTP Server installed on the remote host goes into an unstable state when it receives a 'SITE WHO' command. An unauthenticated, remote attacker can leverage this issue to deny service to legitimate users.

Solution

Upgrade to Titan FTP NextGen 2.0.6 or later.

See Also

http://www.southrivertech.com/products/titanftp/verhist.html

Plugin Details

Severity: Medium

ID: 34434

File Name: titan_ftp_6_26_631.nasl

Version: 1.20

Type: remote

Family: FTP

Published: 10/16/2008

Updated: 7/26/2023

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2008-6082

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Reference Information

CVE: CVE-2008-6082

BID: 31757

CWE: 399