CVE-2008-5281
Published 2008-11-29
CVE-2008-5281: Heap-based buffer overflow in Titan FTP Server 6.05 build 550 allows remote attackers to execute arbitrary code via a long DELE command.
Priority: P3 (55), critical
CVSS 2.0: 10 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
EXPLOIT
EPSS: 6.40% (92.8th percentile)
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| south_river_technologies | titan_ftp_server | — | — |
No detection rules found.
Exploit-DB
Titan FTP Server 6.05 build 550 - 'DELE' Remote Buffer Overflow (PoC)
exploitdb·2008-02-04
---
source: https://www.securityfocus.com/bid/27611/info
Titan FTP Server is prone to a remote buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.
An attacker may exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts will result in a denial of service.
This issue affects Titan FTP Server 6.05 build 550; other versions may also be vulnerable.
#!/usr/bin/python
#
# First of all, thanks to my wife Edita.
#
# Heap overflow in Titan FTP Server version 6.05 build 550
# (DELE ) - probab
Nuclei
Titan FTP Server 6.05 DELE Command - Heap Overflow
nuclei·CVSS 10.0
Titan FTP Server version 6.05 build 550 contains a heap overflow vulnerability when processing long DELE commands. Remote attackers can cause denial of service (daemon crash) or potentially execute arbitrary code by sending excessively long arguments to the DELE command.
Template:
id: CVE-2008-5281
info:
  name: Titan FTP Server 6.05 DELE Command - Heap Overflow
  author: pussycat0x
  severity: critical
  description: |
    Titan FTP Server version 6.05 build 550 contains a heap overflow vulnerability when processing long DELE commands. Remote attackers can cause denial of service (daemon crash) or potentially execute arbitrary code by sending excessively long arguments to the DELE command.
  impact: |
    Unauthenticated attackers can send long DELE co
No writeups or analysis indexed.
2008-11-29: Published