id: CVE-2014-1843

info:
  name: Titan FTP Server < 10.40 - User Properties Traversal
  author: pussycat0x
  severity: medium
  description: |
    Titan FTP Server versions prior to 10.40 build 1829 contain a directory traversal vulnerability that allows remote attackers to view "Properties" of user folders via path traversal. This enables user enumeration and access to sensitive user information that could aid in launching further attacks.
  impact: |
    Unauthenticated attackers can exploit directory traversal to view properties of user folders, enabling user enumeration and reconnaissance for launching targeted attacks against Titan FTP Server.
  remediation: |
    Update Titan FTP Server to version 10.40 build 1829 or later that properly validates file paths and prevents directory traversal in user property access.
  classification:
    cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N
    cvss-score: 5
    cve-id: CVE-2014-1843
    cwe-id: CWE-22
    epss-score: 0.03584
    epss-percentile: 0.88065
    cpe: cpe:2.3:a:southrivertech:titan_ftp_server:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: southrivertech
    product: titan_ftp_server
    shodan-query: product:"Titan ftpd"
  tags: cve,cve2014,network,ftp,titan-ftp,tcp,passive,vuln

# Passive check: reads the FTP banner on port 21 and compares the advertised
# version. No traversal request is sent, so a match means "version in the
# affected range", not a confirmed vulnerable path.
tcp:
  - inputs:
      - data: 00000000
        type: hex
    host:
      - "{{Hostname}}"
    port: 21
    read-size: 1024

    matchers:
      - type: dsl
        dsl:
          - "contains(raw, 'Titan')"
          # The fix shipped in 10.40 build 1829; this comparison flags only
          # versions below 10.40, so 10.40 builds earlier than 1829 are not matched.
          - "compare_versions(version, '< 10.40')"
        condition: and

    extractors:
      # Pulls the version string out of the banner for the matcher above.
      - type: regex
        group: 1
        name: version
        regex:
          - "Titan FTP Server ([0-9.]+)"
# digest: 4a0a0047304502202669d24323cf02ed3eb7290ba6c41a5f98cead2e5d487a43dee0fcfd57fc2b42022100ce496eb77f232823705fd61d5450c158294d05d3cf63cafc0a0b177757bdb935:922c64590222798bb761d5b6d8e72950