CVE-2008-0702

NUCLEI

Titan FTP Server 6.03 and 6.0.5.549 - Heap-Based Buffer Overflow via USER or PASS Command

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-0702. PoCs published by securfrog. A Nuclei detection template is also available.

AI-analyzed exploit summary This exploit triggers a heap overflow in Titan FTP Server by sending overly long USER and PASS commands, leading to a crash and potential remote code execution. The PoC demonstrates the vulnerability by causing an access violation.

Description

Multiple heap-based buffer overflows in Titan FTP Server 6.03 and 6.0.5.549 allow remote attackers to cause a denial of service (daemon crash or hang) and possibly execute arbitrary code via a long argument to the (1) USER or (2) PASS command, different vectors than CVE-2004-1641.

Exploits (1)

exploitdb WORKING POC VERIFIED

by securfrog · perldoswindows

https://www.exploit-db.com/exploits/5036

View Code ZIP pw:eip

This exploit triggers a heap overflow in Titan FTP Server by sending overly long USER and PASS commands, leading to a crash and potential remote code execution. The PoC demonstrates the vulnerability by causing an access violation.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Titan FTP Server (version not specified)

No auth needed

Prerequisites: Network access to the target FTP server

MITRE ATT&CK